Xobni Email

Security checks across malware telemetry and agentic risk

Overview

This is a documented email integration with real mailbox powers, so it is acceptable but should be installed only for trusted agents with scoped credentials.

Install this only for agents you trust to handle the connected mailbox. Use a single-agent scoped API key, require review before sending sensitive emails or attachments, treat received email and attachment text as untrusted input, and configure webhooks only to HTTPS endpoints you control and verify.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill enables highly sensitive operations—reading inbox contents, sending email, handling attachments, and configuring webhooks—but provides no privacy, consent, or data-handling warnings. In an agent context, this omission can lead users to expose personal or confidential email data to the service or onward to third parties without understanding the consequences.

Missing User Warnings

Medium
Confidence: 94%
Finding
The webhook section states that payloads include email metadata and a content snippet, but it does not warn that this information is transmitted to an external endpoint chosen by the user. That creates a real risk of unintended disclosure of sensitive sender/recipient information and email content to insecure, misconfigured, or third-party webhook receivers.

VirusTotal

64/64 vendors flagged this skill as clean.
