The Agent Skills Directory

[SAFE]: The skill uses the spark tool for its intended purpose of email management. No unauthorized data access, network exfiltration, or credential harvesting patterns were detected.
[PROMPT_INJECTION]: The skill reads email content, which is an external ingestion point for potential indirect prompt injection. This is considered safe as the workflow requires human review of each decision. 1. Ingestion points: Email threads via spark thread <id> in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Draft editing and deletion via spark commands in SKILL.md. 4. Sanitization: None.

spark-recipe-draft-batch