Agentmail Wrapper

Security checks across malware telemetry and agentic risk

Overview

This AgentMail email automation skill appears purpose-aligned, but its tracking and list-management features need careful privacy and data-handling controls.

Install only if you intend to use AgentMail for email automation. Use a least-privilege API key, confirm before sending mail or changing lists, and enable open/click tracking only where recipients have appropriate notice, consent, and a valid legal basis.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence: 91%
Finding
The README explicitly promotes open/click tracking and delivery-status monitoring but does not clearly warn that these are privacy-sensitive surveillance features that may require user consent and jurisdiction-specific compliance controls. In an agent skill context, this can normalize covert recipient monitoring and lead operators to enable tracking without appropriate notice, consent, or legal review.

Missing User Warnings

Low
Confidence: 78%
Finding
The examples show bounce removal and unsubscribe export operations that modify or extract user-list data without an explicit warning that these actions affect production records and may involve sensitive personal data. In an automation-oriented skill, this increases the risk of accidental destructive changes or inappropriate handling of subscriber data.

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill prominently advertises open/click/reply tracking and delivery verification but does not warn users that these features process recipient behavioral data and may require consent, notice, or configuration changes depending on jurisdiction. In an agent context, this omission can lead downstream users to enable surveillance-like email tracking by default without understanding the privacy implications.

VirusTotal

66/66 vendors flagged this skill as clean.
