Ravenclaw - Email Bridge

The `ops.sh` script contains a shell injection vulnerability. User-controlled input (e.g., email body, subject) is directly interpolated into a JSON string passed as the `-d` argument to `curl`, without proper sanitization. This could allow an attacker to inject arbitrary shell commands if `ops.sh` is executed with untrusted input, potentially leading to remote code execution. There is no evidence of intentional malicious behavior such as data exfiltration, persistence, or prompt injection attempts against the agent in the markdown files.