swoosh-emails
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely educational, providing templates and configuration patterns for the Elixir Swoosh library. No malicious commands or scripts are included.
- [CREDENTIALS_SAFE]: Examples for production configuration correctly use
System.get_env/1to retrieve sensitive credentials (SENDGRID_API_KEY, SMTP_PASSWORD) from the environment, which is a recommended security practice. - [SAFE_DEPENDENCIES]: The dependency list includes standard, widely-used packages from the Hex.pm ecosystem (swoosh, finch, gen_smtp) with appropriate version pinning.
- [DATA_SECURITY]: The skill encourages the use of Phoenix HEEx components for email templates. These components provide automatic HTML escaping, which helps prevent content injection vulnerabilities in generated emails.
Audit Metadata