Mails for Agent

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed email-API helper for receiving verification codes and managing a mailbox, but users should treat deletion and webhook settings as sensitive actions.

Install only if you intend to let an agent use this mailbox API for disposable or controlled email workflows. Confirm before deleting messages, pausing the mailbox, sending mail, or changing webhook URLs, and use webhook destinations you control.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill explicitly documents a destructive inbox-processing flow that ends with deleting emails, but provides no guardrails such as confirmation, retention policy, or conditions for safe deletion. In an autonomous agent context, this increases the risk of accidental data loss, deletion of evidence/audit trails, or removal of emails still needed for verification and account recovery.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill exposes mailbox-wide pause/resume controls and webhook configuration changes without warning about service disruption or data exfiltration risks. In an agent setting, these endpoints can disable mail operations or redirect sensitive email events, including verification codes and message metadata, to attacker-controlled destinations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal