orbit-gmail
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill uses specific directives to ensure the AI reproduces a fixed design template and ignores user-provided design tokens. This is a functional constraint to achieve the desired Gmail interface and does not constitute a malicious override of agent safety protocols.
- [SAFE]: The skill provides navigation to the user's Gmail account via standard search URLs. This is an expected feature for an email summary tool and does not result in unauthorized data exposure.
- [SAFE]: The provided example.html includes a shim for localStorage and sessionStorage. This utility ensures the preview renders correctly in sandboxed environments where storage APIs might be restricted, posing no security risk.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing untrusted email data.
  - Ingestion points: Processes email content (sender, subject, body) from the user's Gmail connection.
  - Boundary markers: The instructions lack delimiters or explicit instructions to treat summarized email content as potentially untrusted data.
  - Capability inventory: The skill generates HTML and JavaScript capable of browser-side navigation.
  - Sanitization: No specific content sanitization or validation logic is requested in the skill's instructions.
Audit Metadata