ClawHub

Cold Email Engine

Security checks across malware telemetry and agentic risk

Overview

This appears to be a cold-outreach automation skill that can scrape or enrich leads and send real emails, but its disclosure and safeguards are not clear enough for that external-facing authority.

Install only if you intentionally need cold-email automation. Use scoped email-provider keys, test with dry-run or sandbox recipients first, confirm recipient lists manually, and make sure your outreach complies with consent, suppression-list, anti-spam, and privacy requirements.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
78% confidence
Finding
The skill documentation references use of environment-based secrets such as `RESEND_API_KEY` and operational scripts, but the skill metadata does not declare corresponding permissions or capability requirements. This can mislead users and hosting systems about what sensitive resources the skill needs, weakening reviewability and increasing the chance of unsafe secret handling or unexpected access during execution.

Vague Triggers

Medium
Confidence
72% confidence
Finding
The invocation description is broad enough to activate for general sales, prospecting, or pipeline-building requests, which can cause the skill to be selected in contexts where the user did not clearly intend automated outreach. In this skill, that matters because the documented behavior includes scraping, enrichment, and outbound messaging, increasing the risk of privacy-impacting or externally visible actions from overly generic prompts.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill describes enriching leads through website scraping and third-party contact lookup services without warning that prospect data may be transmitted to external services or collected from websites. This is dangerous because users may unintentionally process personal or business contact data through outside providers, creating privacy, compliance, and consent risks.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The quick-start section includes commands that send real outbound email via live provider credentials, but it does not prominently warn that these commands perform external network actions and contact real recipients. In a skill centered on cold outreach, this makes accidental mass emailing, reputational harm, spam complaints, and legal/compliance exposure significantly more likely.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal