Back to skill

Security audit

eMail manager lite

Security checks across malware telemetry and agentic risk

Overview

This email manager does what it advertises, but it needs review because it uses mailbox credentials while weakening IMAP certificate checks and allowing direct send/move actions.

Install only if you are comfortable giving this skill access to the target mailbox. Use a dedicated app password or low-risk mailbox, remove the rejectUnauthorized: false IMAP option before use, review dependency versions with a lockfile, and require manual confirmation before any send or move operation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill documentation describes use of environment variables for email credentials and network-capable IMAP/SMTP operations, but the manifest shown in SKILL.md does not declare corresponding permissions or capability requirements. This creates a transparency and policy gap: users or hosting platforms may not realize the skill can access secrets and external mail services, increasing the chance of over-trusting or mis-deploying it.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README explicitly instructs users to export email credentials, including an app password, but provides no warning about shell history, process environment exposure, shared terminals, or safer secret-handling practices. In an email-management skill, these credentials grant access to sensitive mailbox contents and possibly message-sending capability, so insecure setup guidance increases the risk of credential leakage and account compromise.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly supports sending email and moving messages between folders, which can transmit data externally and alter mailbox state, but the usage section does not present a prominent warning or confirmation requirement before these actions. In an agent setting, insufficient warning around external communication and mailbox modification raises the risk of unintended data disclosure, accidental email sending, or destructive account changes triggered by ambiguous prompts or automation.

Unpinned Dependencies

Low
Category
Supply Chain
Content
"author": "",
  "license": "ISC",
  "dependencies": {
    "imap-simple": "^5.1.0",
    "mailparser": "^3.9.3",
    "nodemailer": "^7.0.13"
  }
Confidence
95% confidence
Finding
"imap-simple": "^5.1.0"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"license": "ISC",
  "dependencies": {
    "imap-simple": "^5.1.0",
    "mailparser": "^3.9.3",
    "nodemailer": "^7.0.13"
  }
}
Confidence
95% confidence
Finding
"mailparser": "^3.9.3"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"dependencies": {
    "imap-simple": "^5.1.0",
    "mailparser": "^3.9.3",
    "nodemailer": "^7.0.13"
  }
}
Confidence
98% confidence
Finding
"nodemailer": "^7.0.13"

Known Vulnerable Dependency: nodemailer==7.0.13 — 6 advisory(ies): GHSA-268h-hp4c-crq3 (Nodemailer: CRLF injection in Nodemailer List-* header comments allows arbitrary); GHSA-c7w3-x93f-qmm8 (Nodemailer has SMTP command injection due to unsanitized `envelope.size` paramet); GHSA-p6gq-j5cr-w38f (Nodemailer: Message-level raw option bypasses disableFileAccess/disableUrlAccess) +3 more

High
Category
Supply Chain
Confidence
99% confidence
Finding
nodemailer==7.0.13

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.