ClawHub

Email Importance Content Analysis

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only email triage skill with disclosed, purpose-aligned email/header review and no install-time or persistent behavior.

Install this only if you are comfortable letting the agent inspect the specific emails you ask it to triage. Prefer providing copied message text and headers yourself, and only authorize Gmail access for the particular message being reviewed. Treat its sender-based fast-drop advice as a convenience heuristic, not as proof that an email is safe or unimportant.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
87% confidence
Finding
The changelog documents a first-pass decision using sender information, while the skill metadata explicitly says importance should be judged using content rather than sender name because sender identity can be spoofed. This mismatch can cause operators or downstream agents to trust sender-based heuristics, increasing the chance of phishing emails being mis-prioritized or legitimate messages being mishandled.

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The documented sender-based triage expands behavior beyond the manifest's stated content-focused scope and relies on a spoofable attribute to influence outcomes. Scope drift of this kind is dangerous because users may invoke the skill expecting resilient content analysis, while the implementation may silently use weaker signals that attackers can manipulate.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal