email-template-generator-skill
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection.
- Ingestion points: User-provided context and specific details are ingested during the email generation workflow in SKILL.md.
- Boundary markers: No explicit delimiters or instructions are used to isolate user-provided text from the agent's core instructions.
- Capability inventory: The skill performs file-system write operations to the ~/.claude/skill-analytics/ directory as defined in the Emit Outcome Sidecar section of SKILL.md.
- Sanitization: There is no evidence of sanitization or validation of user-provided content before it is processed or logged.
Audit Metadata