email-render-builder

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill proactively mitigates indirect prompt injection risks by instructing the agent to treat all user-provided HTML, templates, and scraped markup as untrusted input. It explicitly forbids executing or following any instructions embedded within such content.
  • Ingestion points: User-pasted HTML and email creative content (documented in SKILL.md).
  • Boundary markers: Present; Instruction 1 establishes a clear security boundary for untrusted data.
  • Capability inventory: File system access for saving logs and script execution for render testing.
  • Sanitization: Explicit instruction to ignore embedded directives and external resources.
  • [COMMAND_EXECUTION]: Provides a functional command to execute a local Python script (resend.py) for sending emails. This is a documented feature for performing "Measured" render testing by delivering builds to the user's own test inboxes via the Resend service.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates network interaction with the Resend email service provider API for its core functionality. This is a legitimate use of a well-known service for email development tasks.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:34 AM
Security Audit — agent-trust-hub — email-render-builder