Check Emails 1.0.0

Security checks across malware telemetry and agentic risk

Overview

The skill appears to access email, but its activation wording is broad enough that it could run when a user only casually asks to check email.

Review the skill before installing and only use it if you are comfortable granting mailbox access. Prefer explicit prompts such as checking Himalaya-related emails, and avoid installing if the skill cannot limit what mail it reads or confirm before accessing private messages.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger phrase "check emails" or similar is broad and likely to match ordinary user language, causing the skill to run without a clear, explicit request for this specific command. Because the command accesses the user's mailbox contents, accidental invocation could expose sensitive email metadata or content context that the user did not intend to retrieve at that moment.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal