ClawHub

Email Triager

Security checks across malware telemetry and agentic risk

Overview

This is a text-only email triage helper, but users should be careful because email content can be sensitive and the skill references an external context-pack site.

Install only if you are comfortable letting the agent process selected email text. Redact secrets, credentials, regulated data, and unnecessary personal details; review drafts before sending; and inspect or avoid the external context-pack URL unless you trust it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Context-Inappropriate Capability

Low
Confidence
89% confidence
Finding
The skill explicitly directs users to pair email triage with an external website for domain-specific handling, which expands the skill beyond local triage into network-dependent behavior. In an email-processing context, this creates a realistic risk of sending sensitive email content or derived context to an unvetted external source, increasing data exposure and prompt-injection surface.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The usage phrases are broad enough to match common, everyday email-assistance requests, which can cause the skill to activate in situations the user did not explicitly intend. In an email-processing skill, overbroad triggering increases the chance of unnecessary exposure of sensitive mailbox content and unintended drafting or triage actions.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README promotes processing and summarizing emails, extracting action items, and drafting replies, but it provides no warning that email bodies may contain highly sensitive personal, financial, legal, or corporate information. This omission increases the risk that users will submit confidential content without understanding privacy implications or applying minimization and redaction practices.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The activation language is broad enough to trigger on many ordinary email-related requests, making it easier for the skill to engage unexpectedly. In practice, overbroad invocation can cause unintended processing of sensitive inbox content, mistaken drafting actions, or interference with more narrowly scoped tools and user intent.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This skill handles inherently sensitive content—emails often contain personal, financial, legal, or confidential business information—yet the description provides no privacy warning or handling constraints. Without explicit safeguards, users may provide regulated or confidential data without understanding the risks, and downstream integrations or drafts may expose that information more broadly.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal