Turbosmtp

Security checks across malware telemetry and agentic risk

Overview

This TurboSMTP skill appears legitimate, but it gives an agent live email-account authority without clear confirmation guardrails.

Install only if you trust Membrane and intend to let the agent operate a TurboSMTP account. Use a limited or test account when possible, review Membrane connection scopes, and require explicit confirmation before sending emails, deleting or changing contacts/lists/senders, or using raw proxy requests.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly enables sending email, modifying contact lists/senders, and making arbitrary proxied API requests, but it does not instruct the agent to obtain user confirmation before performing external or state-changing actions. In an agent setting, this can lead to unintended outbound email, contact manipulation, or data transmission to third-party services without clear user awareness.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal