novita-mailer
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a human-in-the-loop workflow for sending emails. It enforces a 'Draft-First Policy' and requires 'Mandatory Preview Before Any Action' in SKILL.md to ensure no emails are sent without explicit user approval.
- [DATA_EXFILTRATION]: Sensitive Gmail OAuth credentials (Client ID, Secret, and Refresh Token) are managed locally in a config.env file. Network requests are restricted to official Google API endpoints (accounts.google.com, oauth2.googleapis.com, and gmail.googleapis.com) for authentication and email transmission.
- [COMMAND_EXECUTION]: The skill utilizes local Bash scripts (scripts/send_email.sh, scripts/send_email_oauth.sh) to perform API requests and data encoding. These scripts use standard tools like curl and base64 and do not exhibit any malicious execution patterns or privilege escalation.