misoapps
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill handles untrusted external data through email delivery and logging functions, establishing an indirect prompt injection surface.
- Ingestion points: Content processed via `sendEmail`, `sendSystemEmail`, and log data returned from `getEmailLogs` in `SKILL.md`.
- Boundary markers: The SDK usage examples do not demonstrate the use of delimiters or instructions to the agent to ignore potentially malicious content within email bodies or subjects.
- Capability inventory: The skill allows for network operations (sending emails) and application management (installing/updating shop apps).
- Sanitization: No specific input sanitization or validation logic is presented in the integration examples.
- [EXTERNAL_DOWNLOADS]: The skill documentation requires the installation of the `@misoapps/mail-sdk` and `@misoapps/shop-sdk` packages from the NPM registry.
- [DATA_EXFILTRATION]: The SDK methods are designed to transmit sensitive authentication data, such as Shopify access tokens and SMTP passwords, to the service's API endpoints at `mail-api.misoapps.com` and `shop-api.misoapps.com`.
Audit Metadata