Email Helper Pro

Security checks across malware telemetry and agentic risk

Overview

Email Helper Pro is purpose-aligned, but it needs Review because it can read and send email and stores drafts locally without clear consent, retention, or credential-safety guidance.

Install only if you are comfortable giving it access to mailbox content and SMTP sending. Use a dedicated or least-privileged email account or app password, review each send before execution, avoid storing sensitive message bodies in drafts, and delete email_drafts.json when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 90% confidence
Finding
The activation phrases include very generic triggers like “邮件” and “email”, which can be invoked during ordinary conversation rather than an intentional command. In a skill that can draft, read, and send email, accidental activation can expose mailbox contents or trigger unintended email actions, making the broad trigger set a real safety issue.

Missing User Warnings

High, 97% confidence
Finding
The skill handles highly sensitive operations—sending email, reading inbox contents, local draft persistence, and deletion/archival behavior—without any visible privacy notice, consent flow, retention policy, or warning about credential and content exposure. In this context, missing safeguards are especially dangerous because email data often contains confidential information and the code persists drafts locally in plaintext JSON, increasing the risk of unauthorized access or accidental disclosure.

VirusTotal

VirusTotal findings are pending for this skill version.
