rails-action-mailer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • SAFE (SAFE): The skill contains standard documentation and code examples for Ruby on Rails Action Mailer. No malicious behaviors, obfuscation, or security bypasses were identified.
  • Data Exposure & Exfiltration (SAFE): The skill correctly demonstrates the use of environment variables and Rails credentials for sensitive SMTP configuration, avoiding hardcoded secrets.
  • Indirect Prompt Injection (SAFE): The skill describes standard data ingestion for email templates (e.g., user profiles). It relies on Rails' built-in ERB sanitization and does not introduce unsafe data handling practices.
      • Ingestion points: params hash in mailer classes (e.g., UserMailer.with(user: @user)).
      • Boundary markers: Relies on standard Rails ERB delimiters (<%= %>).
      • Capability inventory: Sending emails via SMTP or custom delivery methods.
      • Sanitization: Default Rails ERB HTML/text escaping.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:48 PM