Skills
skills/posthog/ai-plugin/designing-email-templates/Gen Agent Trust Hub

designing-email-templates

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its template editing workflow. When fetching existing templates, the agent processes content that may have been authored or modified by other users.
  • Ingestion points: The workflows-get-email-template tool retrieves the template's design JSON and text fallback from the PostHog server.
  • Boundary markers: The instructions do not define clear delimiters or warnings to prevent the agent from following instructions embedded within the template's text or HTML blocks.
  • Capability inventory: The agent has the ability to create (workflows-create-email-template) and update (workflows-update-email-template) templates, meaning an injected instruction could lead to the unauthorized modification or creation of marketing assets.
  • Sanitization: No content validation or sanitization steps are defined for the fetched template data before the agent processes it for modification.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 10:58 AM
Security Audit — agent-trust-hub — designing-email-templates