Back to skill

Security audit

Mailosaur

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Mailosaur connector that uses the OOMOL `oo` CLI and gives explicit approval guidance for write and delete actions.

Install this only if you intend to let Codex operate your Mailosaur account through OOMOL. Review prompts carefully before approving server/message deletion or server changes, because those actions can remove Mailosaur data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The description instructs the agent to use this skill for ANY Mailosaur request, which is an overly broad activation rule that can cause the skill to be invoked whenever Mailosaur is merely mentioned rather than when its use is explicitly intended. In an agent setting, this increases the chance of unintended reads or, more seriously, routing users into a skill that also exposes write and destructive operations, creating opportunities for accidental side effects or misuse.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.