recipe-draft-email-from-doc

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the gws command-line tool to retrieve document data and send emails.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from an external document and uses it in a subsequent action without sanitization.
      • Ingestion points: Document content is retrieved via gws docs documents get in SKILL.md.
      • Boundary markers: No delimiters or safety instructions are used to separate the document content from the agent's logic.
      • Capability inventory: The skill has the capability to send emails using gws gmail +send in SKILL.md.
      • Sanitization: There is no evidence of validation or escaping for the document body content before it is drafted as an email body.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 04:57 PM