Mailscope Email Detection

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it uploads a user-selected email file to a Mailscope service for security analysis, but users should understand that the email contents leave their machine.

Install only if you are comfortable sending the full email file, including headers, recipients, body content, links, and attachments, to the Mailscope service at https://x.lizhisec.com. Do not use it on confidential, regulated, or third-party-sensitive emails unless that upload is allowed by your policy. Keep the API key in config.json private.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The script transmits the entire .eml file, which can contain highly sensitive content such as message bodies, attachments, headers, recipient lists, and authentication artifacts, to a third-party remote service. In the context of an email-security skill this behavior is functionally expected, but the lack of an explicit user warning/consent step creates a real privacy and data-handling risk, especially for confidential or regulated emails.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal