Back to skill

Security audit

Email Template Generator / 邮件模板生成

Security checks across malware telemetry and agentic risk

Overview

The skill appears benign but relies on a visible third-party email-generation API, so users should avoid sending sensitive data.

Install only if you are comfortable sending template parameters to api.emailgen.dev. Do not include customer names, confidential business details, or sensitive email content unless you have reviewed and accepted that service's privacy and retention posture.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
87% confidence
Finding
The skill advertises itself as an email template generator, but its documented behavior relies on a third-party API call rather than local template rendering. This creates a supply-chain and transparency problem: users may unknowingly transmit prompt data externally and become dependent on an unvetted remote service for core functionality.

Context-Inappropriate Capability

Medium
Confidence
83% confidence
Finding
A network-capable `curl` invocation is included even though basic email template generation does not inherently require external connectivity. This broadens the attack surface by enabling outbound communication to a third party, which could expose user inputs, introduce tracking, or return malicious/untrusted content.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documented request sends user-provided fields such as `name` to an external API without any privacy notice, retention statement, or data-handling guidance. In real use, operators may substitute sensitive customer names, business context, or email content, causing unintended disclosure to an external service.

External Transmission

Medium
Category
Data Exfiltration
Content
which bash curl && echo "Ready"

# Step 2 — run the tool
curl -s "https://api.emailgen.dev/template?type=followup&name=john" | jq '.body' 

# Step 3 — review output
echo "Done — check the generated output"
Confidence
80% confidence
Finding
https://api.emailgen.dev/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.