Sendook
Security checks across malware telemetry and agentic risk
Overview
This skill clearly provides Sendook inbox read and send instructions, with sensitive email access disclosed and no hidden executable behavior found.
Install only if you want an agent to access the configured Sendook inbox. Use a least-privileged API key, treat email content as private and untrusted, and require the agent to show recipients, subject, body, and attachments for approval before sending or replying.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.