email-whiz
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not contain any detected prompt injection, obfuscation, or data exfiltration patterns. All external operations are handled via the Gmail MCP tools with explicit user consent requirements.
- [COMMAND_EXECUTION]: The skill executes local scripts (
scripts/inbox_snapshot.pyandscripts/validate-skill.sh). The Python script is used for persistence of inbox statistics (streaks/trends) and is limited to standard library modules. The Bash script is a utility for verifying the integrity of the skill's own files. - [INDIRECT_PROMPT_INJECTION]: While the skill processes untrusted email content, it includes robust mitigation strategies. The 'Hybrid Mode Protocol' and 'Critical Rules' mandate that any action modifying or deleting email state requires a structured confirmation showing the scope and sample data before execution, preventing the agent from autonomously obeying instructions embedded in email bodies.
Audit Metadata