Back to skill

Security audit

Emailelevate

Security checks across malware telemetry and agentic risk

Overview

This email-marketing skill is broadly aligned with its purpose, but it can send campaigns, change subscriber lists, track users, and share reports through third-party services without clear approval and data-handling safeguards.

Install only if you are comfortable giving the agent access to email marketing accounts and customer engagement data. Use only the API key for the provider you actually need, prefer least-privilege credentials, require previews and explicit confirmation before sending campaigns or changing lists, limit Slack reports to approved private channels, and independently verify consent, unsubscribe, tracking, and privacy compliance obligations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill requests multiple high-sensitivity credentials and a Slack webhook, then describes reporting, syncing, and analytics flows without any explicit privacy, data-handling, retention, or third-party sharing disclosure. In this context, the omission is dangerous because the skill is designed to process subscriber, campaign, and potentially customer/CRM data across several external services, creating a realistic risk of unintended data exposure or over-sharing to Slack and analytics endpoints.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.