email-templates
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Flags: PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (HTML injection) because it interpolates untrusted data from form submissions directly into email templates. An attacker could provide malicious HTML or script tags in fields like 'name' or 'message' which would then be rendered by the recipient's email client.
  - Ingestion points: LeadNotificationData, ConfirmationData, and QuoteData fields in references/lead-notification.md, references/customer-confirmation.md, and references/quote-result.md.
  - Boundary markers: No delimiters or protective markers are used to isolate user data from the template structure.
  - Capability inventory: The skill utilizes the resend library to transmit generated HTML emails to external recipients.
  - Sanitization: No evidence of HTML escaping, validation, or sanitization of input data was found in the provided code snippets.
- [EXTERNAL_DOWNLOADS]: The skill implementation references and requires the installation of the resend Node.js package to handle email delivery. This is a standard dependency for integrating with the Resend email service.
Audit Metadata