skills/freekmurze/dotfiles/mailcoach/Gen Agent Trust Hub

mailcoach

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the management of email marketing data by executing the mailcoach CLI tool. It supports a wide range of operations including managing email lists, subscribers, campaigns, and transactional emails.
  • [DATA_EXPOSURE]: Documentation correctly identifies that authentication tokens and instance URLs are stored locally in ~/.mailcoach/config.json. This is standard behavior for CLI tools, and the skill does not include instructions to read or transmit this file's contents to unauthorized third parties.
  • [EXTERNAL_DOWNLOADS]: The skill assumes the mailcoach CLI is pre-installed and does not attempt to download or execute external scripts or binaries during runtime.
  • [PROMPT_INJECTION]: No malicious patterns or instructions designed to bypass agent safety filters or override system prompts were detected. Instructions focus solely on the technical use of the CLI.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses a vulnerability surface as it processes external data such as subscriber CSV files and HTML templates for campaigns.
  • Ingestion points: External data enters the context via CSV imports (mailcoach create-subscriber-import) and HTML content updates (mailcoach update-campaign).
  • Boundary markers: The instructions do not define specific delimiters or warnings to ignore embedded instructions in the processed data.
  • Capability inventory: The skill uses subprocess calls to the mailcoach CLI, which performs network operations to the user's Mailcoach instance.
  • Sanitization: There is no mention of sanitization for the HTML or CSV content within the skill's instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 08:41 AM
Security Audit — agent-trust-hub — mailcoach