spark-recipe-notification-hygiene
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides a legitimate workflow for email management using the official Spark command-line interface. All commands are limited to the scope of email triage.
- [NO_CODE]: No standalone scripts or executable files are included with the skill.
- [PROMPT_INJECTION]: The skill processes untrusted email content from the inbox, creating a potential surface for indirect prompt injection. 1. Ingestion points: Untrusted email data is read via 'spark emails' and 'spark thread' commands in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Restricted to triage actions within the Spark CLI (archive, reclassify, group). 4. Sanitization: Absent.
Audit Metadata