find-email-by-name

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the orth CLI tool to interact with external APIs. It specifically instructs the agent to use separate query flags (-q) instead of joining parameters with & to prevent shell injection vulnerabilities during command construction.
  • [PROMPT_INJECTION]: The skill accesses MEMORY.md to retrieve context regarding customer profiles and targets. This is an indirect prompt injection surface as MEMORY.md may contain untrusted data that could influence agent behavior.
    • Ingestion points: Reads from MEMORY.md to establish context.
    • Boundary markers: None specified for the data read from memory.
    • Capability inventory: Shell command execution via the orth CLI tool.
    • Sanitization: The skill explicitly mitigates shell injection risks by mandating a specific command-line argument format.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 22, 2026, 04:54 AM