Back to skill

Security audit

Ldm Openclaw Inbox Mcp Skill

Security checks across malware telemetry and agentic risk

Overview

This skill clearly sets up a paid third-party inbox-placement check for outbound email and its sensitive behaviors are disclosed and aligned with that purpose.

Install only if you trust the LDM Inbox Check service and npm package. Store INBOX_CHECK_API_KEY securely, expect paid quota usage, and avoid submitting regulated or confidential campaign content unless your vendor/privacy requirements allow sending drafts, headers, authentication results, and screenshots to this external provider.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README instructs users to send campaign content through a paid third-party inbox-testing service and shows use of a live API key format, but it does not clearly warn that email content, seed-test messages, authentication results, and possibly screenshots will be transmitted to an external provider. In this skill context, that omission is more dangerous because agents may automatically process draft campaigns or sensitive outbound content, creating confidentiality, compliance, and vendor-risk exposure before users make an informed decision.

Natural-Language Policy Violations

Low
Confidence
90% confidence
Finding
The example configuration hard-codes a production service base URL and shows a live-key credential context in the environment block, which encourages direct use of a real paid external service without user selection, sandboxing, or regional justification. In an agent skill, this is more dangerous because users may copy the example verbatim, causing unintended data transfer to a third-party endpoint and accidental use of privileged credentials in testing or production workflows.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.