email-triage
Pass
Audited by VirusTotal on May 14, 2026.
Findings (1)
The skill is suspicious due to its handling of sensitive IMAP credentials (IMAP_USER, IMAP_PASS) from environment variables and the potential for data exfiltration of email metadata (sender, subject, preview) via the configurable OLLAMA_URL. While the default OLLAMA_URL points to a local endpoint (http://127.0.0.1:11434), allowing it to be set to an arbitrary external URL via an environment variable (as seen in `SKILL.md` and `scripts/email-triage.py`) introduces a significant vulnerability. A malicious actor could configure this URL to an external server, leading to unauthorized disclosure of email content to an untrusted third party. This is a critical configuration risk, even if not explicitly malicious in the default setup.
