email-service
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
- [PROMPT_INJECTION]: The 'SendGridEmailService.cs' implementation accepts external parameters such as 'userName' and 'assessmentName' and interpolates them into email templates. It also provides a raw 'htmlBody' sending method. The lack of boundary markers or sanitization logic in these templates creates a surface for indirect prompt injection or the delivery of malicious content if the input source is compromised.
- [EXTERNAL_DOWNLOADS]: The skill references the SendGrid API and library for its core functionality. SendGrid is a well-known, trusted third-party service for email delivery.
- [CREDENTIALS_UNSAFE]: The configuration example in 'appsettings.json' includes a placeholder ('SG.your-sendgrid-api-key') for the API key. No legitimate secrets or sensitive credentials were detected in the skill code.
Audit Metadata