ClawHub

Migma

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Migma email-marketing skill, but it can send real emails and upload or change contact data when used.

Install only if you trust Migma and the @migma/cli package. Protect MIGMA_API_KEY, review contact CSVs before import, and require your agent to show the subject, sender, audience or segment, and test/preview result before any real or bulk send.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill says 'When the user asks to send an email to someone' and then provides direct send commands, including segment-wide sends, without explicit confirmation or guardrails. In an agent setting, this can cause unintended live outbound email to real recipients or mailing lists, which is a consequential external side effect with reputational, privacy, and spam/compliance risk.

Missing User Warnings

High
Confidence
96% confidence
Finding
This section documents commands that send live emails to individuals and entire segments, but it does not warn that these actions are externally visible and irreversible once sent. In agent workflows, the absence of a clear warning and confirmation requirement materially increases the chance of accidental mass emailing, spam incidents, or disclosure of business communications to unintended recipients.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill describes importing contacts from a CSV and importing a brand from a website without warning that this transmits contact data, business identifiers, and website-derived brand assets to an external service. That omission can lead users or agents to send sensitive customer or company data off-platform without informed consent or review.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The examples normalize bulk email sending to a tag or segment without any guidance to confirm recipient scope, review targeting, or warn about mass outreach consequences. In an agent skill, this can lead to accidental large-scale sends, spam complaints, privacy issues, and reputational damage if the agent follows the workflow too literally.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The CSV import example instructs users to upload local contact data without warning that personal data from the file will be transferred to the remote service. This increases the risk of unintended disclosure of sensitive contact information or non-compliant processing if users do not realize the privacy implications.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This workflow ends with sending to a full segment after generation and validation, but validation here checks content quality and deliverability, not whether mass distribution is intended or safe. Without an explicit bulk-send warning or confirmation gate, an agent may prematurely send to many recipients based on an example sequence.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal