ClawHub

OpenClaw Email Skill

Security checks across malware telemetry and agentic risk

Overview

This is a text-only workflow guide for auditable email campaign operations, with clear approval gates for risky live-system actions.

Before installing, understand that this skill is meant for campaign operations rather than ordinary email writing. It may guide agents through sensitive email-system planning, including sends, imports, DNS, suppression lists, migrations, and automation changes, but the artifacts require explicit human approval before those high-risk actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The manifest description uses very broad trigger language spanning multiple agents and many kinds of 'email work,' which increases the chance the skill will activate for generic email-related prompts outside its narrow intended scope. Over-broad activation can cause inappropriate skill selection, leading an agent to follow operational email procedures in the wrong context and potentially suggest or prepare sensitive actions around campaign operations, migrations, or production systems.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The default prompt tells the agent to use this skill for broad tasks like planning, auditing, or improving an email workflow, which can overlap with many normal email-related requests. Overly broad activation criteria can cause unintended invocation, expanding the skill’s influence beyond narrowly intended use cases and increasing the chance that an agent follows inappropriate or lower-assurance workflow guidance in unrelated contexts.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal