Snail Mail

Security checks across malware telemetry and agentic risk

Overview

This skill is a local operator inbox that stores and renders messages, with some manageable ambiguity and rendering caveats but no evidence of hidden, destructive, credential-stealing, or exfiltrating behavior.

Install this only if you want your agent to keep a persistent local inbox. Avoid storing secrets in messages, set OPENCLAW_WORKSPACE if you need storage confined to a workspace, and require clear user intent before rendering all messages or running bulk actions like read-all or archive-read.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger guidance includes overly broad everyday phrases like "inbox" and "messages," which can cause the agent to invoke this skill in unrelated conversations. That creates a confused-deputy risk where normal user dialogue could unexpectedly expose inbox contents, mark state, or steer the agent into file-backed operations without sufficiently clear intent.

VirusTotal

52/52 vendors flagged this skill as clean.

View on VirusTotal