aaaaa

Security checks across malware telemetry and agentic risk

Overview

This is a transparent Gmail reply-drafting skill, but users should treat Gmail access and auto-send settings carefully.

Install only if you are comfortable giving an agent access to the relevant Gmail account. Keep draft-review mode on by default, use the narrowest available Gmail permissions, store credentials outside the skill, and enable auto-send only for low-risk senders, labels, or templates with clear rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly supports accessing a client's Gmail and sending replies on their behalf, but it does not require prominent consent, privacy boundaries, or warnings about handling sensitive email content. Because email accounts routinely contain confidential and regulated data, an agent using broad mailbox access could expose, misuse, or send sensitive information without adequate user understanding or safeguards.

Natural-Language Policy Violations

Medium
Confidence: 92%
Finding
The skill instructs the agent to answer messages 'on behalf of a client' and match the client's tone and sign-off, effectively impersonating the client, yet it does not require explicit authorization or disclosure controls. In the context of email communications, this can mislead recipients, create fraud or social-engineering opportunities, and cause legal or reputational harm if the agent sends inaccurate or unauthorized statements.

Vague Triggers

Medium
Confidence: 88%
Finding
The manifest describes automatically drafting and sending Gmail replies on behalf of a client, but it does not specify any activation constraints, approval steps, account scoping, or safeguards. In an email automation context, vague auto-send behavior can lead to unintended outbound communication, privacy leaks, reputational damage, or policy violations if the skill is enabled without explicit per-message controls.

Natural-Language Policy Violations

Low
Confidence: 81%
Finding
The description implies the skill may communicate with third parties automatically on a client's behalf without stating explicit consent, language/locale controls, or recipient scoping. This is dangerous because automated outbound messages can misrepresent the client, send inappropriate language or tone, and create compliance or customer-trust issues when recipients receive unreviewed responses.

VirusTotal

66/66 vendors flagged this skill as clean.
