perfex-email

Warn

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The _render_email_template function performs dynamic file inclusion using include(__DIR__ . '/../views/emails/' . $template . '.php'). This pattern is susceptible to Local File Inclusion (LFI) if the $template parameter is influenced by untrusted data.
  • [COMMAND_EXECUTION]: The implementation uses extract($data), which dynamically creates variables from array keys. This can lead to variable collision or overwriting internal state if the data source is not authenticated or validated.
  • [DATA_EXFILTRATION]: The instructions advise on using mail_debug and print_debugger(), which expose raw SMTP communications. The skill correctly identifies that this can leak sensitive data (PII or tokens) if left enabled in production environments.
  • [PROMPT_INJECTION]: The skill implements a surface for indirect prompt injection via the email template rendering engine.
      ◦ Ingestion points: The $data array in _render_email_template (SKILL.md).
      ◦ Boundary markers: Absent.
      ◦ Capability inventory: Database inserts via enqueue_email_retry and dynamic file inclusion via include (SKILL.md).
      ◦ Sanitization: Uses htmlspecialchars() for variable rendering, but lacks validation for array keys or file paths.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 22, 2026, 05:03 PM