ClawHub

Disposable Email Address

Security checks across malware telemetry and agentic risk

Overview

This is a coherent disposable-email skill, but it should only be used for low-risk temporary inbox workflows because messages and verification codes may be visible within the shared AgentPMT budget.

Install only if you are comfortable using AgentPMT-hosted temporary inboxes. Do not use it for important accounts, password resets, financial services, private communications, or any verification code that should not be visible to other agents sharing the same budget.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The activation keywords include very generic terms like "check", "email", and "create", which can cause the skill to be invoked in unrelated contexts. In a security-sensitive workflow, this increases the chance of accidental use of a disposable-email tool for tasks involving verification codes or inbox contents, potentially routing sensitive actions through a shared temporary mailbox service.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill description notes that addresses are shared across agents on the same budget, but it does not present this as a prominent warning about confidentiality risk. Because the tool returns full message contents and is intended for receiving verification links and OTPs, users may unknowingly expose sensitive emails, codes, or account-recovery material to other agents in the same budget scope.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The schema explicitly states that the `check` action returns full message contents, including sender, subject, and body, but it provides no privacy warning, consent boundary, or data-handling guidance. In a disposable-email skill, this creates a real risk of agents retrieving verification links, account recovery emails, or other sensitive communications without clear safeguards, especially because addresses are shared across agents on the same budget.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal