Gmail Assistant
Security checks across malware telemetry and agentic risk
Overview
This Gmail skill is a disclosed ClawLink integration for reading and managing email, with sensitive access that fits its stated purpose.
Install this only if you are comfortable connecting Gmail through ClawLink and granting mailbox access. Before any email is sent, forwarded, drafted, labeled, archived, trashed, or deleted, verify the preview and require explicit confirmation; revoke the Gmail OAuth connection or remove the plugin when you no longer need it.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
59/59 vendors flagged this skill as clean.