ClawHub

Inbox

Security checks across malware telemetry and agentic risk

Overview

This inbox skill is not malicious, but it needs review because its support files describe automatic sending, declining, and archiving actions that conflict with its stated no-automation limits.

Install only as an inbox-coaching framework unless you configure strict controls. Before pairing it with email, chat, calendar, or project-management tools, require previews and explicit approval for sends, declines, nudges, and archive actions; use per-channel/account scoping; and avoid persistent tracking unless storage, retention, and deletion are clear.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly promotes aggregating messages, notifications, and conversations from many personal and work channels into one unified view, but it provides no warning about the privacy, consent, and data-minimization risks of doing so. This is dangerous because a user may connect sensitive accounts or expose cross-context information (personal, employer, clients) to the agent without understanding the scope of access and the possibility of over-collection or inappropriate summarization across channels.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill describes automated actions such as auto-declining calendar invites and sending follow-up nudges with escalating tone, but it does not warn users that the agent may act on their behalf or create external communications automatically. This is dangerous because incorrect declines or poorly timed follow-ups can damage relationships, leak behavioral patterns, or cause business impact if the automation triggers without explicit confirmation and clear boundaries.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill recommends auto-archiving older backlog items so they are 'out of sight' without requiring an explicit warning, confirmation, or review step. In an inbox-management context, hiding messages can cause users to miss deadlines, financial obligations, or important follow-ups, especially because visibility changes may be mistaken for deletion or completion.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill instructs the agent to classify items and auto-archive "Noise" before showing anything to the user, but it does not require user visibility, confirmation, or an audit/review path. In an inbox-management context, this can cause legitimate messages to be hidden due to misclassification, creating missed obligations, lost opportunities, or failure to respond to important communications.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal