email-sequence
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from external sources, presenting an indirect prompt injection surface.
- Ingestion points: Untrusted data enters the agent context via
materialUrl,materialFile, andmaterialTextas specified inreferences/form-schema.json. - Boundary markers: The skill does not implement delimiters or explicit instructions to the agent to disregard commands embedded within the input data.
- Capability inventory: The skill employs
scripts/run.pyto perform network requests and data transmission to the vendor API atai-skills.ai. - Sanitization: No validation or sanitization of input data is performed in the provided scripts before processing.
- [EXTERNAL_DOWNLOADS]: The Python runner script (
scripts/run.py) performs network requests toai-skills.aito communicate with the backend service. This domain is the primary infrastructure for the skill author.
Audit Metadata