twilio-sendgrid-inbound-parse
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill documents a workflow that processes untrusted data (inbound email), creating an attack surface for indirect prompt injection.\n
- Ingestion points: The webhook handler receiving 'text' and 'html' fields from 'request.form' in the Python Flask example in 'SKILL.md'.\n
- Boundary markers: The documentation includes a 'Security' warning advising developers to isolate email content as user input and avoid concatenating it into system prompts.\n
- Capability inventory: The provided Python example code uses the 'flask' library to handle HTTP POST requests and print content; no high-risk capabilities such as subprocess execution, file system writes, or network exfiltration are present in the skill scripts.\n
- Sanitization: The documentation explicitly recommends sanitizing HTML to prevent XSS and validating inputs, although the example code is a simplified implementation.
Audit Metadata