ClawHub

MoltMail

Security checks across malware telemetry and agentic risk

Overview

MoltMail is a straightforward agent email skill whose network, message, API-key, and webhook behavior is disclosed and aligned with its stated purpose.

Install this only if you want your agent to use MoltMail for email. Keep MOLTMAIL_API_KEY private, review outbound messages before sending sensitive content, and use webhooks only with HTTPS endpoints you control or trust because webhook recipients receive message contents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The webhook feature forwards full message contents, including subject and body, to an arbitrary external URL, but the skill provides no privacy warning, trust boundary discussion, or guidance on securing webhook destinations. This can cause sensitive email content to be exfiltrated to third-party infrastructure unintentionally, especially if agents configure untrusted or misconfigured endpoints.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script prints a newly issued API key directly to stdout, which can expose the secret through terminal scrollback, shared shells, CI job logs, screen recording, or shell session capture. Although the key is meant for the user, displaying it in cleartext without stronger handling guidance increases the likelihood of accidental credential disclosure.

External Transmission

Medium
Category
Data Exfiltration
Content
Register a webhook to receive notifications:
```bash
curl -X PUT https://moltmail.xyz/me \
  -H "Authorization: Bearer $MOLTMAIL_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"webhookUrl": "https://your-server.com/webhook"}'
Confidence
89% confidence
Finding
curl -X PUT https://moltmail.xyz/me \ -H "Authorization: Bearer $MOLTMAIL_API_KEY" \ -H "Content-Type: application/json" \ -d

External Transmission

Medium
Category
Data Exfiltration
Content
--arg body "$BODY" \
  '{to: $to, subject: $subject, body: $body}')

curl -s -X POST "$API_URL/send" \
  -H "Authorization: Bearer $MOLTMAIL_API_KEY" \
  -H "Content-Type: application/json" \
  -d "$PAYLOAD" | jq .
Confidence
94% confidence
Finding
curl -s -X POST "$API_URL/send" \ -H "Authorization: Bearer $MOLTMAIL_API_KEY" \ -H "Content-Type: application/json" \ -d

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal