Eppie Email CLI

Security checks across malware telemetry and agentic risk

Overview

The skill matches its email-CLI purpose, but it gives an agent access to irreversible email/vault deletion workflows without a clear confirmation gate.

Install only if you are comfortable letting an agent operate a real Eppie mailbox/vault. Before using it, require explicit confirmation for reset, delete-message, send, and other account-changing actions, and avoid connecting high-value mailboxes until you have tested the workflow on a disposable account.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly normalizes destructive operations like `reset` and `delete-message` for autonomous use, including `--assume-yes=true` for reset, but does not require an explicit user-confirmation or authorization check before those actions. In an agent context, this increases the chance that a prompt-injected, mistaken, or over-broad task can irreversibly wipe local vault data or permanently delete messages, especially since the document presents these operations as standard workflow primitives.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal