mailsac
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches email messages and attachments from MailSac's official API.
- [COMMAND_EXECUTION]: The skill uses bash -c to wrap curl commands, which is a standard pattern for maintaining environment variables across shell pipes.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes and displays external email content.
- Ingestion points: Email content is retrieved from mailsac.com API endpoints as shown in SKILL.md.
- Boundary markers: No delimiters or safety instructions are used when presenting email content to the agent.
- Capability inventory: The agent has access to shell commands and local file storage as defined in SKILL.md.
- Sanitization: No sanitization or filtering is applied to the email content before it is processed by the agent.
Audit Metadata