一键导入
mail-agent-operations
Run the full Custom GPT regression path for the recent fixes across tasks, mail, preferences, calendar, and user_id sanitization.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Run the full Custom GPT regression path for the recent fixes across tasks, mail, preferences, calendar, and user_id sanitization.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Address open PR review comments using gh CLI with explicit user-selected thread handling.
Inspect GitHub PR checks, fetch failing Actions logs, summarize root cause, then propose a fix plan.
Azure Blob and Azurite operator commands for existence checks, counts, and sampling with env-var-only secrets.
Operator-friendly dataset pipeline runbook with background execution, progress snapshots, and sampling checks.
Maintain one per-task ExecPlan artifact under tmp for multi-step work with a quick bypass option.
Safe Git and GitHub operator commands for inspect-stage-commit-push workflow.
| name | mail-agent-operations |
| description | Run the full Custom GPT regression path for the recent fixes across tasks, mail, preferences, calendar, and user_id sanitization. |
| argument-hint | Use for Custom GPT regression checks across tasks, mail, preferences, calendar, and user isolation. |
Use this skill when the goal is to exercise the full changed surface of the Custom GPT backend, not just one capability. This skill is designed to validate the fixes shipped in the capability_exec flow.
Trigger phrases used by operators: test custom gpt, custom gpt regression, golden tests, test tasks and mail, test capability exec.
task.create, task.list, task.update, task.complete, task.deletemail.authorize, mail.accounts.list, mail.send, mail.replymemory.preferences.get, memory.preferences.updatecalendar.events.listuser_idtask.create returns task_index and downstream task operations accept it.mail.authorize accepts force: true and returns a fresh reauth payload.mail.send and mail.reply accept attachments without immediate schema rejection.memory.preferences.update reports unknown_keys instead of silently dropping them.calendar.events.list accepts bare dates like 2026-03-31 by normalizing to RFC3339.user_id values containing /, \, or .. do not escape their namespace.Send all requests to:
POST /api/tool_call_handler?action=capability_exec
Canonical envelope:
{
"action": "capability_exec",
"user_id": "test_regression_user",
"params": {
"capability": "task.create",
"confirm": false,
"arguments": {}
}
}
Create a task and confirm task_index exists and is an integer >= 1.
{
"action": "capability_exec",
"user_id": "test_golden_tasks",
"params": {
"capability": "task.create",
"confirm": false,
"arguments": {
"title": "Golden Test Task",
"priority": "high"
}
}
}
Then validate:
task.list returns a flat tasks array with task_index on every tasktask.update works with task_indextask.complete marks the task completetask.delete returns 409 CONFIRMATION_REQUIRED without confirm: trueCheck OAuth bootstrap and forced reauth:
{
"action": "capability_exec",
"user_id": "test_golden_mail",
"params": {
"capability": "mail.authorize",
"confirm": false,
"arguments": {
"force": true
}
}
}
Validate:
authorize_urlreauth_reason: "force"authorized is false for a fresh test userThen send an attachment-shaped payload to mail.send and mail.reply:
{
"action": "capability_exec",
"user_id": "test_golden_mail",
"params": {
"capability": "mail.send",
"confirm": true,
"arguments": {
"to": ["test@example.com"],
"subject": "Golden Test with Attachment",
"body": "Attachment validation",
"attachments": [
{
"fileName": "test.txt",
"contentBase64": "VGhpcyBpcyBhIHRlc3Qu"
}
]
}
}
}
Expected outcome:
409 CONFIRMATION_REQUIREDUse mixed valid and unknown keys:
{
"action": "capability_exec",
"user_id": "test_golden_prefs",
"params": {
"capability": "memory.preferences.update",
"confirm": false,
"arguments": {
"preferences": {
"brevity": "medium",
"fast_mode": true,
"language": "en-US",
"timezone": "UTC"
}
}
}
}
Validate:
successupdated_keys includes supported keys onlyunknown_keys includes language and timezoneCall calendar.events.list using bare dates:
{
"action": "capability_exec",
"user_id": "test_golden_prefs",
"params": {
"capability": "calendar.events.list",
"confirm": false,
"arguments": {
"time_min": "2026-03-31",
"time_max": "2026-04-07",
"max_results": 10
}
}
}
Validate:
Probe user isolation with malformed user_id values:
{
"action": "capability_exec",
"user_id": "user/../../admin",
"params": {
"capability": "memory.preferences.get",
"confirm": false,
"arguments": {}
}
}
Also test:
user..eviluser\\nestedExpected outcome:
The regression pass is complete when all of the following are true:
task_index correctly.unknown_keys.user_id input is handled safely.Use these files as the source of truth for payloads and assertions:
tests/e2e/test_custom_gpt_tasks_golden.pytests/e2e/test_custom_gpt_mail_oauth_golden.pytests/e2e/test_custom_gpt_prefs_calendar_security_golden.pyReturn a short execution summary with: