ClawHub
Back to skill

Security audit

Brevo

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Brevo integration that uses a Maton API key and managed OAuth to perform documented email, contact, campaign, list, and template actions.

Install only if you trust Maton to proxy Brevo API traffic and manage OAuth for your Brevo account. Keep MATON_API_KEY private, avoid sharing terminal output that reveals it, specify the intended connection when multiple Brevo accounts exist, and approve write or send actions only after checking recipients, lists, campaign IDs, and expected effects.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal