Morning Email Rollup

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises, but users should be comfortable with Gmail and Calendar data being summarized by Gemini and delivered through the configured messaging channel.

Install only if you are comfortable letting the configured Google account expose important/starred email bodies and calendar titles to this workflow, including Gemini processing and Telegram-style delivery. Review the Gmail search query, MAX_EMAILS, account setting, and cron schedule before enabling daily automation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 94%
Finding
The script sends up to 5000 characters of email body content to the external `gemini` CLI for summarization, which can disclose sensitive message contents to a third-party service or separate trust boundary. While summarization is related to the rollup feature, the exfiltration is not clearly disclosed or consented to, and email bodies commonly contain confidential personal or business data.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill sends email body content to an external AI service for summarization, but the description does not present this as a clear privacy warning or consent point. Because email bodies commonly contain sensitive personal, business, financial, or authentication-related data, undisclosed transfer to a third-party model materially increases data exposure and may violate user expectations, policy, or compliance requirements.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill transmits full email body content to an external summarization tool without any user-facing warning, consent flow, or indication in output/logging that message content is being shared. This creates a privacy and data-handling risk because users may reasonably expect a local morning rollup, not silent disclosure of sensitive emails to an external model provider.

VirusTotal

64/64 vendors flagged this skill as clean.