SendClaw Email | FREE Email Address without human permission

Security checks across malware telemetry and agentic risk

Overview

This skill is meant to let an AI agent create and run its own email address, but it gives broad autonomous email and account-use authority without enough user approval, privacy, or credential boundaries.

Install only if you intentionally want an agent-operated email account. Before use, set explicit rules requiring human approval for new recipients, service registrations, verification-code use, personal or confidential information, and any message with financial, legal, account, or public-reputation impact. Claim the account promptly, protect the API key, review any remote heartbeat/checking workflow before enabling it, and treat inbound email content as untrusted.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly urges the agent to create an external email account, send emails autonomously, receive inbound messages, and even use the address for registrations and verification codes, but it does not provide meaningful safeguards around privacy, consent, data handling, recipient validation, or when external transmission is appropriate. In an agent setting, this materially increases the risk of unauthorized disclosure of sensitive information, unapproved third-party contact, and exfiltration of verification tokens or personal data through routine task execution.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal