ClawHub

Smtp Email Delivery Service

Security checks across malware telemetry and agentic risk

Overview

This skill appears to send email as advertised, but it deserves review because it handles SMTP credentials and outbound email content while using overly broad activation wording.

Review this skill before installing. Use a scoped SMTP account or app password, avoid personal mailbox credentials when possible, verify recipients and attachments before sending, and do not use the broad activation terms as permission for automatic email delivery. The clean static scan and VirusTotal result reduce malware concern, but they do not remove the privacy and account-risk concerns from the skill's own instructions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The activation keywords include extremely generic terms such as `send`, `to`, and `smtp url`, making accidental tool selection much more likely in ordinary conversations. In an agent environment, overbroad routing can cause unintended email transmission, exposing message content, recipients, or attachments to an external service without sufficiently clear user intent.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The documented search and activation keywords remain too broad and underspecified in the operational section, reinforcing the risk of incorrect tool activation. Because this skill performs outbound communication with arbitrary recipients and attachments, accidental invocation materially increases the chance of privacy breaches or unintended data disclosure.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill prominently supports recipient lists, CC/BCC, HTML bodies, and attachments, but its early descriptive section does not clearly warn about data-sensitivity, recipient verification, or risks of sending confidential material externally. In this context, missing privacy warnings are important because the core function is external transmission of potentially sensitive content to arbitrary destinations.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly requires users to provide an SMTP URL containing credentials and to transmit email bodies and attachments to an external mail server, but it does not warn users about the sensitivity of those credentials or message contents. This increases the risk of accidental secret exposure, use of personal mailbox credentials, or sending regulated/sensitive data through third-party infrastructure without informed consent.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal