email-systems
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists of documentation and reference implementation patterns that follow standard software development best practices with no detected malicious patterns.- [DATA_EXPOSURE]: The provided code samples demonstrate the secure usage of environment variables (e.g.,
RESEND_API_KEYandREDIS_URL) to manage sensitive service credentials, preventing hardcoded secrets.- [PROMPT_INJECTION]: The skill involves the processing of external data within email templates, which constitutes a potential surface for indirect prompt injection. - Ingestion points: External data is passed via props to React Email components like
WelcomeEmailand parameters in thesendEmailfunction withinSKILL.md. - Boundary markers: The skill does not explicitly define custom delimiters for variable interpolation in templates.
- Capability inventory: The skill utilizes network capabilities to send emails via the Resend API and perform DNS lookups, as well as database capabilities to manage user records and suppression lists.
- Sanitization: The implementation relies on the default HTML escaping provided by the
react-emaillibrary, which mitigates basic script injection but does not specifically target prompt-based manipulation of downstream agents.- [EXTERNAL_DOWNLOADS]: All external libraries mentioned (resend, @react-email/components, bullmq, ioredis) are well-known, legitimate packages hosted on the official npm registry.
Audit Metadata