email-best-practices
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as a knowledge base and architectural guide for developers. It focuses on educating users about email deliverability, compliance with international laws (GDPR, CAN-SPAM, CASL), and production-ready infrastructure.
- [COMMAND_EXECUTION]: The documentation includes standard command-line instructions for using diagnostic tools like
digto verify SPF, DKIM, and DMARC records. It also suggests usingngrokfor local webhook testing. These are legitimate development and troubleshooting practices. - [EXTERNAL_DOWNLOADS]: The skill references official documentation and open-source repositories from Resend, a legitimate email service provider, to help developers implement the described features.
- [CREDENTIALS_UNSAFE]: The code snippets provided correctly demonstrate best practices by advising the use of environment variables (e.g.,
process.env.RESEND_WEBHOOK_SECRET) for handling sensitive API keys and secrets rather than hardcoding them.
Audit Metadata