email-render-builder
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill proactively mitigates indirect prompt injection risks by instructing the agent to treat all user-provided HTML, templates, and scraped markup as untrusted input. It explicitly forbids executing or following any instructions embedded within such content.
- Ingestion points: User-pasted HTML and email creative content (documented in SKILL.md).
- Boundary markers: Present; Instruction 1 establishes a clear security boundary for untrusted data.
- Capability inventory: File system access for saving logs and script execution for render testing.
- Sanitization: Explicit instruction to ignore embedded directives and external resources.
- [COMMAND_EXECUTION]: Provides a functional command to execute a local Python script (
resend.py) for sending emails. This is a documented feature for performing "Measured" render testing by delivering builds to the user's own test inboxes via the Resend service. - [EXTERNAL_DOWNLOADS]: The skill facilitates network interaction with the Resend email service provider API for its core functionality. This is a legitimate use of a well-known service for email development tasks.
Audit Metadata