roast-cold-email
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface. Evidence: 1. Ingestion points: Company research data entering via Tavily search (SKILL.md, Step 2); 2. Boundary markers: Absent; 3. Capability inventory: Sending emails via Python scripts (SKILL.md, Step 6); 4. Sanitization: A mandatory user review and confirmation step is included (SKILL.md, Step 5).
- [COMMAND_EXECUTION]: The skill includes Python code to interface with the Gmail API for sending messages. This execution involves local file access for credentials and network operations to well-known Google services.
- [EXTERNAL_DOWNLOADS]: The skill requires installing official Python packages from Google (
google-auth,google-auth-oauthlib,google-api-python-client) to facilitate authentication and API communication.
Audit Metadata