Back to skill

Security audit

Email Writer

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it drafts and sends emails through a logged-in webmail account, with a documentation inconsistency users should notice.

Install only if you are comfortable letting the agent use your logged-in webmail session to compose and send messages. Review recipient, subject, body, and attachments before sending, and avoid sensitive content unless you trust the selected mail provider and account context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The skill claims that no email content is uploaded externally, but its core behavior is to send recipient, subject, body, and possibly attachments to third-party mail-provider servers via the browser. This misleading privacy statement can cause users or downstream agents to handle sensitive data under false assumptions, increasing the risk of unintended data exfiltration to external services.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.