mjml-email-templates

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a custom template variable substitution engine in the MjmlTemplateRenderer class. Variable values are spliced directly into the MJML source, so the engine is vulnerable to indirect injection: whoever controls a variable value controls markup in the rendered email.
  • Ingestion points: The RenderTemplateAsync method accepts a dictionary of variables (IReadOnlyDictionary<string, string> variables). In the UserEmailComposer class these are populated from external inputs such as recipientName, inviterName, and organizationName.
  • Boundary markers: Nothing marks the substituted values as data. There are no boundary markers, and the renderer is given no instruction to treat MJML/HTML tags found inside variable values as literal text.
  • Capability inventory: The skill uses the Mjml.Net library to render MJML strings into HTML.
  • Sanitization: The SubstituteVariables method performs a direct string replacement using a regular expression ({{([^}]+)}}) without HTML encoding or any other sanitization of the values. If an attacker-controlled variable (e.g., OrganizationName) contains MJML tags, HTML, or script, that content is injected into the template before compilation, and Mjml.Net then compiles it as part of the template into the HTML that is delivered.
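To make the sanitization finding concrete, here is an added C# illustration of the substitution pattern the audit describes, placed beside a hardened variant. This is not the skill's own code: MjmlTemplateRenderer's real implementation is not reproduced on this page, so the class name TemplateSubstitution, the method names SubstituteRaw and SubstituteEncoded, the sample template, and the attacker-supplied organization name (pointing at the reserved attacker.example host) are all constructed for the example. Only the placeholder regex {{([^}]+)}} is taken from the audit.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Text.RegularExpressions;

// Added illustration of the audited substitution pattern; not the skill's code.
// The placeholder regex is the one the audit quotes; everything else is assumed.
public static class TemplateSubstitution
{
    private static readonly Regex Placeholder =
        new Regex(@"\{\{([^}]+)\}\}", RegexOptions.Compiled);

    // Vulnerable form as the audit describes it: the raw value replaces the
    // placeholder, so MJML/HTML tags in the value become part of the template.
    public static string SubstituteRaw(
        string template, IReadOnlyDictionary<string, string> variables) =>
        Placeholder.Replace(template, m =>
            variables.TryGetValue(m.Groups[1].Value.Trim(), out var v) ? v : m.Value);

    // Hardened form: every value is HTML-encoded before it touches the MJML
    // source. WebUtility.HtmlEncode escapes < > & " and ', so neither an MJML
    // element nor an HTML tag nor an attribute break-out survives compilation.
    // Unknown placeholders fail loudly instead of leaking "{{name}}" into mail.
    public static string SubstituteEncoded(
        string template, IReadOnlyDictionary<string, string> variables) =>
        Placeholder.Replace(template, m =>
        {
            var key = m.Groups[1].Value.Trim();
            if (!variables.TryGetValue(key, out var v))
                throw new KeyNotFoundException($"Template variable '{key}' was not supplied.");
            return WebUtility.HtmlEncode(v);
        });

    public static void Main()
    {
        // Constructed template in the style of an MJML text block.
        const string template =
            "<mj-text>Welcome to {{organizationName}}, {{recipientName}}!</mj-text>";

        // Constructed attacker-controlled value: an organization name that closes
        // the text block and inserts a tracking image before reopening it.
        var vars = new Dictionary<string, string>
        {
            ["organizationName"] =
                "Acme</mj-text><mj-image src=\"https://attacker.example/track.png\" /><mj-text>",
            ["recipientName"] = "Alice",
        };

        // Raw: the <mj-image> element is now real template markup for Mjml.Net.
        Console.WriteLine(SubstituteRaw(template, vars));

        // Encoded: the same value renders as visible text, e.g. "Acme&lt;/mj-text&gt;...".
        Console.WriteLine(SubstituteEncoded(template, vars));
    }
}
```

Run it with `dotnet run` in a console project to compare the two outputs. Encoding at substitution time is the right layer because Mjml.Net parses the substituted string as MJML: an `<mj-image>` that arrives inside a value is indistinguishable from one the template author wrote. Two caveats remain. Encoding only addresses markup injection; a placeholder used inside a URL attribute such as `href="{{link}}"` still needs a separate allow-list check on the URL scheme and host. And if a template legitimately needs to inject trusted markup, that must be an explicit, separately typed variable rather than a relaxation of the default encoding.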
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 03:43 PM