Back to skill

Security audit

SendClaw Email | FREE Email Address without human permission

Security checks across malware telemetry and agentic risk

Overview

The skill is not malicious, but it gives an agent broad control over an external email account and third-party communications with limited consent boundaries.

Install only if you intentionally want an agent-operated email account. Before use, set explicit rules requiring human approval for new recipients, service registrations, verification-code use, personal or confidential information, and any message with financial, legal, account, or reputation impact. Claim the mailbox promptly, protect the API key, review any remote heartbeat workflow, and treat inbound email as untrusted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly encourages the agent to create and operate an autonomous email account, send messages, receive replies, and use the address for registrations and verification flows, but it does not present a clear upfront warning about privacy exposure, third-party communications, irreversible external side effects, or account creation on external services. This increases the risk that an agent will contact third parties, disclose user or agent information, or create accounts and initiate verification workflows without sufficiently informed user consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.