Mailcheck

Security checks across malware telemetry and agentic risk

Overview

This Mailcheck skill is a straightforward connector wrapper for checking email, domain, and account status through OOMOL with no hidden files or destructive behavior found.

Install only if you intend to use OOMOL's oo CLI with a connected Mailcheck/UserCheck account. Be aware that checking email addresses, domains, or account status sends those lookup values through the OOMOL Mailcheck connector, and review the oo CLI install script source if your environment restricts remote shell installers.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 78% confidence
Finding: The trigger language is overly broad and can cause an agent to route any mention of Mailcheck through this skill without adequate task-boundary checks. Overbroad invocation criteria increase the chance of inappropriate tool use, unnecessary exposure of user data to an external connector, or bypass of safer, more specific handling paths.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal