DropMail – disposable email manager

Security checks across malware telemetry and agentic risk

Overview

This disposable-email skill appears purpose-aligned, but it stores email/session data locally and weakens HTTPS validation without enough disclosure or user control.

Install only if you are comfortable with GuerrillaMail handling the inbox traffic and with the skill keeping mailbox sessions and message contents on disk. Avoid using it for sensitive account recovery, financial, medical, or long-lived login flows unless the storage and TLS behavior are fixed or constrained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Rogue Agent: Self-Modification, Session Persistence
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
Findings (8)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill documentation describes capabilities to read and write local files under ~/.dropmail and to access the GuerrillaMail network API, but it does not declare permissions. Undeclared file and network access weakens reviewability and consent because the runtime behavior is broader than what a user or platform policy can infer from metadata.

Context-Inappropriate Capability

Medium
Confidence
99% confidence
Finding
If certifi is unavailable, the code falls back to ssl._create_unverified_context(), which disables certificate validation for all API traffic. That allows a man-in-the-middle attacker to intercept or modify mailbox contents, session cookies, and message data, which is especially risky because this tool handles email content and session state from a remote service.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger text includes a catch-all phrase like "or any dropmail command," which can cause the skill to activate on overly broad or ambiguous user input. Overbroad invocation increases the chance of unintended execution, including making network requests or exposing locally cached inbox data when the user did not clearly intend to use this skill.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The reference explicitly instructs the caller to send the end-user's IP address and a real browser User-Agent to a third-party disposable-email provider, but provides no warning, consent requirement, or privacy handling guidance. This can expose identifying metadata to the external service and undermines user privacy, especially because the skill's purpose is to help users avoid sharing their real identity with untrusted services.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill retrieves full email bodies from the remote service and stores them in a local SQLite database without any notice or consent mechanism. Disposable inboxes often receive login links, verification codes, or other sensitive content, so silent persistence increases exposure to local compromise, backups, or shared-user access.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
Session identifiers are written to disk in a JSON file with no user disclosure or evident permission hardening. If another local user or malware can read that file, they may be able to hijack the mailbox session and access or manipulate disposable email state.

External Transmission

Medium
Category
Data Exfiltration
Content
# GuerrillaMail API Reference

Base URL: `https://api.guerrillamail.com/ajax.php`

## Requirements
Confidence
85% confidence
Finding
https://api.guerrillamail.com/

Session Persistence

Medium
Category
Rogue Agent
Content
---
name: dropmail
description: Manage disposable email addresses using GuerrillaMail. Use when a user wants to create a temporary/throwaway email address, check a disposable inbox for messages, or avoid sharing their real email with untrusted services. Triggers on phrases like "temp email", "disposable email", "temporary email", "throwaway email", "create a burner email", or any dropmail command.
---

# DropMail Skill
Confidence
89% confidence
Finding
create a temporary/throwaway email address, check a disposable inbox for messages, or avoid sharing their real email with untrusted services. Triggers on phrases like "temp email", "disposable email",

VirusTotal

65/65 vendors flagged this skill as clean.