The Agent Skills Directory

[SAFE]: The skill implementation is consistent with its stated purpose. No evidence of malicious behavior, obfuscation, or unauthorized credential access was found. All network operations are directed to the expected 'agentmail' service.
[PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill processes external email content which is inherently untrusted. 1. Ingestion points: Email subject and body content are fetched via the 'agentmail' API in 'scripts/scan_newsletters.py'. 2. Boundary markers: None. Extracted snippets are processed and output without specific delimiters. 3. Capability inventory: The current script is limited to text matching and stdout reporting; it does not possess file-writing or subprocess execution capabilities. 4. Sanitization: Employs a 'strip_html' helper to remove HTML tags but does not perform content-based filtering for logical instructions.

newsletter-monitor