react-email
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill facilitates the installation of multiple npm packages including
react-email,@react-email/components, and email provider SDKs (resend,@sendgrid/mail). While these are industry-standard packages, they are unversioned in the documentation. - [COMMAND_EXECUTION] (LOW): The skill instructions include project initialization using
npx create-email@latest, which downloads and executes code from the npm registry. - [PROMPT_INJECTION] (LOW): The skill provides an indirect prompt injection surface by interpolating user-provided data directly into HTML templates. \n
- Ingestion points: Component props like
nameandverificationUrlinSKILL.md.\n - Boundary markers: Absent; dynamic data is mixed directly with template text.\n
- Capability inventory: Logic for rendering HTML and sending emails via various providers in
references/SENDING.md.\n - Sanitization: Relies on React's default JSX escaping, which protects against XSS but not against malicious instructions intended for downstream AI processors.
Audit Metadata