ClawHub

Email Triage Pro

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only email triage skill that openly reads a user-requested webmail inbox to summarize and draft replies, without code execution or persistence.

Install only if you are comfortable with the agent reading the signed-in mailbox you ask it to triage. Give narrow instructions such as provider, account, folder, search terms, unread-only, or message count, and review any drafted reply yourself before sending.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill description contains very broad invocation cues such as 'check my email', 'any urgent emails', and 'draft a reply', which are common user requests and can cause the skill to activate in situations where the user did not explicitly consent to inbox access. Because the skill is designed to fetch live email content via web_fetch or browser session reuse without OAuth, over-broad triggering increases the chance of unintended access to highly sensitive personal or business communications.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The quick-command table includes ambiguous triggers like 'check email', 'check urgent', 'email summary', and 'follow up' without contextual safeguards, making accidental or overly broad activation more likely. In this skill, activation leads directly to inbox access and content extraction from authenticated webmail sessions, so even benign ambiguity can expose private email metadata and message content beyond the user's intended scope.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal