Cold Email Campaigns with SalesBlink

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate SalesBlink API helper, but it needs review because it asks for a powerful API key in chat and can perform broad account, campaign, billing, and credential-management actions.

Install only if you intend to let the agent manage your SalesBlink account. Configure SALESBLINK_API_KEY through a secure environment or secret setting instead of pasting it into chat, use a least-privilege key if available, and require explicit confirmation before launches, billing links, API-key changes, sender connections, deletions, or bulk archive actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access

Findings (7)

Context-Inappropriate Capability

Severity: Medium. Confidence: 95%.

The skill explicitly instructs the agent to ask the user for their SalesBlink API key in chat and then use it for authenticated requests. Collecting long-lived secrets through conversational text increases the risk of credential exposure via chat logs, downstream tooling, prompt leakage, or accidental reuse beyond the user's intent. The surrounding skill context makes this more dangerous because the API supports high-impact actions including campaign launches, billing-related operations, sender connections, and key management.

Vague Triggers

Severity: Medium. Confidence: 82%.

The skill is intentionally scoped to 'any HTTP request' to the SalesBlink API, which gives it very broad operational reach across low-risk and high-risk domains alike. That breadth increases the chance the agent will be invoked for sensitive actions such as billing changes, API key operations, account signup, mailbox connection, or campaign launch without sufficiently narrow task boundaries or policy gating. The context raises risk because this platform exposes persistent outreach, credential-adjacent, and payment-sensitive capabilities in one interface.

Missing User Warnings

Severity: Medium. Confidence: 96%.

The authentication instructions tell the agent to ask for the API key directly, but they do not include a user-facing warning or safe handling requirements for secrets. This normalizes insecure credential sharing and can lead users to disclose reusable secrets in plain chat, where they may be retained, inspected, or inadvertently exposed. In this skill's context, compromise of the key can enable bulk messaging, inbox access, lead manipulation, workspace changes, and API key rotation/deletion.

Missing User Warnings

Severity: Medium. Confidence: 90%.

The documentation exposes a destructive contact-removal operation without requiring or even recommending an explicit confirmation step, preview, or warning about irreversible list changes. In a sales automation skill that can act on large lead datasets, this increases the chance of accidental or unauthorized deletion of outreach targets, causing operational disruption and potential loss of business data.

Missing User Warnings

Severity: Medium. Confidence: 87%.

The move and archive endpoints change contact state in meaningful ways, but the documentation does not include safeguards such as confirmation prompts, warnings about downstream campaign effects, or verification of the target contact/list identifiers. Because this skill manages active outreach campaigns, silent state changes could suppress contacts, misroute leads, or alter campaign behavior in ways that are hard to detect immediately.

Missing User Warnings

Severity: Medium. Confidence: 91%.

The documentation exposes a destructive DELETE endpoint that removes a deliverability test and all associated tracking tasks, but it does not warn about irreversibility, confirmation requirements, or operational impact. In a sales automation skill, this increases the chance that an agent or user will unintentionally destroy campaign-related data, causing loss of analytics, auditability, and workflow continuity.

Missing User Warnings

Severity: Medium. Confidence: 92%.

The archive cleanup workflow provides concrete steps to archive sequences, lists, and templates, which can pause campaigns, remove pending tasks, and disrupt outreach operations, but it does not require an explicit confirmation checkpoint immediately before those destructive actions. In a skill that can manage live sales campaigns at scale, omission of a confirmation warning increases the risk of accidental bulk disruption or data/workflow loss from an overly eager agent or ambiguous user request.

VirusTotal

63/63 vendors flagged this skill as clean.