Security audit

Inbox Zero API CLI

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Inbox Zero CLI helper that can read stats and manage rules, with no evidence of hidden or unrelated behavior.

Install only if you trust the @inbox-zero/api npm package and want an agent to use your Inbox Zero API key. Ask for explicit approval before creating, replacing, or deleting rules, and use a least-privilege or revocable API key if Inbox Zero supports one.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The skill metadata uses broad, permissive wording such as 'inspect or update Inbox Zero rules and analytics' and enables implicit invocation, without defining clear task boundaries, approval requirements, or safe-trigger conditions. In an agent setting, this can cause the skill to be selected for loosely related prompts and perform state-changing API actions like updating automation rules when the user did not explicitly request that level of access.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal