UniOne - Email API

Security checks across malware telemetry and agentic risk

Overview

This is a coherent UniOne email API skill, but it can send emails and change email-service settings, so users should review its actions and give it a scoped API key.

Install only if you intend to let an agent operate your UniOne account. Use a least-privilege or test API key, verify the package source, and review recipients, message content, attachments, webhook URLs, domain changes, suppressions, projects, analytics exports, and subscription actions before allowing calls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Severity: Medium
Confidence: 95%
Finding:
The README asserts that the agent always asks for confirmation before sending emails or modifying resources, but this file provides no technical mechanism, policy enforcement, or implementation evidence to guarantee that behavior. This can create a false sense of safety, leading users to trust the skill with actions that may trigger external side effects without explicit approval.

Description-Behavior Mismatch

Severity: Medium
Confidence: 92%
Finding:
The skill documents and instructs use of project/account-adjacent capabilities such as project creation, webhook management, suppression management, event dumps, and system/account info, but the manifest description does not fully disclose this broader administrative scope. This can mislead users or policy systems about what the skill is capable of, reducing informed consent and weakening permission review.

Description-Behavior Mismatch

Severity: Medium
Confidence: 89%
Finding:
The manifest description says the skill can send emails and manage related resources, but it does not clearly disclose subscription management via double opt-in subscription enrollment. Undisclosed subscription-management functionality can have privacy and compliance implications because it alters user marketing status and mailing-list membership.

VirusTotal

65/65 vendors flagged this skill as clean.