Agent Email Setup

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed setup guide for giving an agent a Resend-backed email inbox, with expected but sensitive email and API-key handling.

Install only if you want an agent to send, receive, store, and monitor email through Resend. Use a dedicated Resend key and domain when possible, keep webhook and API secrets out of logs/chat, protect the mail/inbox directory, and avoid automatic summaries of sensitive inbox contents unless the owner has approved that workflow.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Ssd 3

Medium

Confidence: 97% confidence
Finding: The cron workflow explicitly instructs the agent to read incoming emails, summarize them, and report them to the owner. Because inbound email may contain sensitive third-party content, verification links, passwords, personal data, or confidential messages, this creates a built-in natural-language exfiltration path from untrusted senders to another recipient.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal