resend-inbound
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted data from incoming emails, creating a vulnerability surface for indirect prompt injection. * Ingestion points: resend.emails.receiving.get (SKILL.md) and webhook data parsing. * Boundary markers: Absent; no isolation strategies are suggested for email bodies. * Capability inventory: resend.emails.send (email forwarding) and fetch (attachment retrieval) in SKILL.md. * Sanitization: Absent; the provided examples forward raw email content without filtering.
- Security Best Practices (SAFE): Code snippets implement robust webhook signature verification using the svix library via Resend and use process.env for sensitive credentials.
Audit Metadata