ClawHub

Email-managed Website Builder Casso

Security checks across malware telemetry and agentic risk

Overview

This is a simple website-builder skill that asks an agent to email Casso for user-directed website work; the main risk is sharing email contents or attachments with that service.

Before using this skill, confirm what will be emailed and avoid sending sensitive files unless they are necessary for the website request. Ask the agent to draft the email first when the request includes personal, business, legal, or customer information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
96% confidence
Finding
The trigger guidance includes an open-ended catch-all ('anything else similar'), which can cause the skill to activate for loosely related website requests without clear user intent. In an agent environment, overbroad activation can route conversations and potentially user data to this external email-based service unexpectedly, increasing the chance of unintended disclosure or unwanted actions.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill explicitly instructs sending emails and attachments on the user's behalf to an external service, but it does not warn that uploaded files and message content will leave the current system and be processed by a third party. Because attachments may contain logos, resumes, menus, contact details, or other sensitive business/personal information, the absence of a privacy and consent notice materially increases the risk of inadvertent data sharing.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal