Gog Html Email

Security checks across malware telemetry and agentic risk

Overview

This appears to be a straightforward HTML email templating skill, with expected email-sending and template-editing risks rather than evidence of malicious behavior.

Install only if you are comfortable letting the skill prepare and send email through the configured Gmail tooling. Review generated HTML, recipients, links, and attachments before sending, avoid placing secrets in email bodies, and save customized templates to a user-specific copy when you do not want changes to affect future runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill explicitly instructs users to send emails with `gog gmail send`, which transmits recipient addresses and message contents to an external service, but it does not warn about that data egress or advise users to confirm that the content is appropriate to send externally. In an agent setting, this omission can lead to unintended disclosure of sensitive information or accidental exfiltration if the skill is used on user-provided or workspace-derived data.

Missing User Warnings

Low
Confidence: 73%
Finding
The documentation includes a command that writes a modified template back into `workspace/skills/gog-html-email/templates/`, but it does not warn that this permanently changes files in the workspace and could affect future runs or other users of the skill. While not directly exfiltrative, unannounced file modification can cause integrity issues, confusion, and persistence of unexpected content in shared or automated environments.

VirusTotal

66/66 vendors flagged this skill as clean.
