email-nurture-planner
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed for email strategy and planning without executing dangerous operations. It utilizes internal tools (Tiger Den MCP) to retrieve marketing context and customer restriction lists, which are treated as constraints rather than executable code. No obfuscation, unauthorized network calls, or persistence mechanisms were detected.
- [PROMPT_INJECTION]: While the skill ingests external content from marketing databases and content search results, it does so for the purpose of grounding its output in brand guidelines. This creates a surface for indirect prompt injection if the source data were compromised; however, the skill's capabilities are limited to planning and information retrieval, which prevents the escalation of such an attack into remote code execution or file system modification. No explicit boundary markers were observed for the ingested data.
Audit Metadata