zeabur-email
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to use
npx zeabur@latest, which downloads and executes the official command-line interface provided by the skill's author (Zeabur) directly from the npm registry. - [COMMAND_EXECUTION]: Shell commands (
npx,curl) are used to interact with the Zeabur platform. These commands interpolate user-supplied parameters such as domain names, resource IDs, and email content. - [DATA_EXFILTRATION]: Email configuration and content are sent to the official Zeabur API endpoint at
api.zeabur.com. This is necessary for the skill's primary function of managing and sending emails via the vendor's service. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted user data into shell commands.
- Ingestion points: User input for domain names, resource IDs, and email fields (from, to, subject, body) in SKILL.md.
- Boundary markers: None explicitly present in the provided shell templates.
- Capability inventory: Executes shell commands via
npxand performs network operations viacurl(SKILL.md). - Sanitization: None specified; the skill relies on the agent's default safety constraints for shell argument handling.
Audit Metadata