MailMe X News

Security checks across malware telemetry and agentic risk

Overview

This skill clearly describes an X/Twitter-to-email digest workflow, but it can automatically send scraped and summarized content to preset real email recipients without a clear per-run confirmation step.

Review carefully before installing. Replace the preset recipients, verify the dependent crawl and email skills, and require a manual preview or explicit confirmation before any run sends email, especially before enabling the daily cron task.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The quick-start trigger phrase is extremely broad and maps a normal-language request directly to a multi-step workflow that ends in sending email. This increases the chance of accidental invocation or ambiguous routing, which can cause unintended data collection, translation, and external transmission without sufficiently explicit user confirmation.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill states that AI will automatically perform the full chain from scraping through translation and summary to sending email, but it does not prominently warn that this results in outbound delivery to configured recipients. In this context, the skill processes third-party content and recipient data, so automatic external sending materially raises privacy, data leakage, and unintended disclosure risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal