ravi-inbox

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes vendor-specific command-line tools (ravi inbox sms, ravi inbox email) to retrieve communication data from the Ravi platform.
  • [DATA_EXFILTRATION]: Accesses sensitive incoming messages, including One-Time Passwords (OTPs), 2FA codes, and account verification links, which are high-value targets for credential harvesting.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing arbitrary text from external SMS and email messages without sanitization.
      • Ingestion points: Incoming message bodies retrieved via ravi inbox in SKILL.md.
      • Boundary markers: None; message content is processed as raw text without delimiters.
      • Capability inventory: Read-only access in this specific skill.
      • Sanitization: None; the provided examples use jq and grep to extract data directly from untrusted message text.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 10, 2026, 09:23 PM