inbox-placement-monitor

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a local Python script (resend.py) located within the agent's plugin root to automate seed-list tests. This script is part of the vendor's provided toolset and is used for legitimate automation purposes.
  • [PROMPT_INJECTION]: The instructions include a robust security boundary by explicitly directing the agent to treat all imported files, reports, and pastes as untrusted evidence rather than commands, effectively mitigating the risk of indirect prompt injection from malicious email telemetry data.
  • [DATA_EXPOSURE]: The skill manages state and results by writing to local memory directories (memory/email/). This is standard behavior for maintaining deliverability trends across sessions and does not involve exfiltration of sensitive information.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:34 AM
Security Audit — agent-trust-hub — inbox-placement-monitor