Exposed secret literal
Critical
- Finding
- File appears to expose a hardcoded API secret or token.
Inbox Cleanup
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is a disclosed IMAP inbox cleanup tool that can delete or archive email, but it defaults to dry-run and requires user-provided credentials and explicit live-run action.
Install only if you are comfortable giving the script IMAP access to your mailbox. Run the dry-run first, carefully populate leave_domains for banks, payment processors, auth, legal, and receipt senders, and use --no-dry-run only after reviewing the preview because live delete/expunge may be difficult to recover.
SkillSpector
By NVIDIA
No SkillSpector findings.
Static analysis
Insecure tls verification
Warn
- Finding
- HTTPS certificate verification is disabled.
VirusTotal
57/57 vendors flagged this skill as clean.