Email Marketing Engine

Type: OpenClaw Skill Name: afrexai-email-marketing-engine Version: 1.0.0 The skill bundle primarily provides extensive documentation and templates for email marketing. It is not overtly malicious, as it lacks clear evidence of intentional harmful behavior like data exfiltration, backdoors, or unauthorized remote control. However, the `SKILL.md` file includes a shell command (`nslookup -type=txt yourdomain.com`) as part of a domain authentication checklist. While this command is presented as an informational step for the user, an AI agent tasked with 'Set up email authentication for [domain]' might be instructed to execute such a command. If the agent's implementation does not properly sanitize user-provided input before executing shell commands, this could lead to a shell injection vulnerability. This potential for a critical vulnerability, even without clear malicious intent within the skill's content itself, warrants a 'suspicious' classification as per the provided guidelines.