SendGrid

Security checks across malware telemetry and agentic risk

Overview

This is mostly a normal SendGrid integration, but it includes high-risk SendGrid API key management that is not clearly disclosed in the stated security scope.

Review before installing if the connected SendGrid account has administrative privileges. Use a least-privileged SendGrid/Maton connection, confirm every send/create/update/delete operation, avoid API key operations unless explicitly needed, and do not print or paste MATON_API_KEY into terminals, chats, or logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

High
Confidence: 98%
Finding
The documented security scope claims access is limited to email, contacts, lists, templates, suppressions, and statistics, but the same skill later exposes SendGrid API key management. That mismatch understates the real privilege of the integration and can mislead users or downstream agents into approving a connection that can mint durable credentials and expand access beyond the stated purpose.

Context-Inappropriate Capability

High
Confidence: 97%
Finding
Exposing SendGrid API key management is materially more dangerous than ordinary email operations because it allows creation of long-lived credentials that may outlive the managed OAuth session and be reused outside the platform. This enables privilege persistence, bypass of intended connection controls, and potentially broader account compromise if a created key is later leaked or abused.

Missing User Warnings

Medium
Confidence: 91%
Finding
The troubleshooting step instructs users to echo the API key directly to the terminal, which can expose the secret in shell history, terminal scrollback, screen recordings, logs, or shared sessions. Even though it does not transmit the key off-host by itself, it increases the chance of accidental credential disclosure.

VirusTotal

65/65 vendors flagged this skill as clean.
