Elastic Email

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Elastic Email integration, but it can change or delete account data and send email, so users should apply normal confirmation discipline.

Install only if you want an agent to operate your Elastic Email account through Membrane. Use a least-privilege account where possible, review the target resource before deletes or sends, and ask the agent to confirm exact recipients, lists, templates, and destructive changes before running them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The skill description is broad enough to match many generic email-related requests, which can cause the agent to invoke this integration when the user did not specifically intend to operate on Elastic Email. In a skill that can list contacts, modify lists, delete contacts/templates, and send email, overbroad routing increases the chance of unintended external actions or disclosure of third-party account data.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The documented action set includes destructive operations such as deleting templates, contact lists, and contacts, but the skill provides no requirement for explicit confirmation before executing them. In an agent setting, this omission can lead to accidental destructive changes from ambiguous prompts, mistaken action selection, or over-automation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal