skills/mukul975/anthropic-cybersecurity-skills/implementing-dmarc-dkim-spf-email-security/Gen Agent Trust Hub
implementing-dmarc-dkim-spf-email-security
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs standard DNS auditing tasks to verify email authentication records as documented in its instructions.
- [EXTERNAL_DOWNLOADS]: Fetches record information from Google's DNS-over-HTTPS service (dns.google) as a trusted fallback mechanism for DNS lookups.
- [PROMPT_INJECTION]: Processes untrusted DMARC aggregate reports via XML parsing in scripts/process.py. This represents a surface for indirect prompt injection. Ingestion point: scripts/process.py (via parse_dmarc_report). Boundary markers: Absent. Capability inventory: DNS querying and report generation. Sanitization: Uses the standard library xml.etree.ElementTree for parsing.
- [SAFE]: Metadata contains minor inconsistencies in author names between the skill manifest (mahipal) and the license/context (mukul975), but these appear to be administrative errors rather than deceptive practices.
Audit Metadata