resend

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill guides users to manage API keys through environment variables in .env.local files, which is an established security best practice for protecting secrets.
  • [DATA_EXFILTRATION]: Includes code to read local files using fs.readFileSync for email attachments. This operation is standard for the skill's primary purpose of email communication.
  • [PROMPT_INJECTION]: The skill interpolates external data into email templates, which is a potential surface for indirect prompt injection.
      • Ingestion points: Untrusted data is ingested from HTTP request bodies in Next.js API routes and Server Action arguments (e.g., email, username, message).
      • Boundary markers: The provided code snippets do not incorporate explicit delimiters or instructions to the agent to ignore potentially malicious instructions embedded in the user data.
      • Capability inventory: The skill allows for local file system access and network transmission through the Resend API.
      • Sanitization: The examples do not demonstrate input sanitization or HTML escaping before rendering user-provided content into email bodies.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 07:53 AM