Email Url Validator

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent hosted email and URL validation service, but users should review it because it can send large contact files and webhook job metadata off-platform with incomplete data-handling details.

Install only if you are comfortable sending emails, URLs, domains, and possibly entire CSV/XLSX contact files to the listed hosted operator. Use the quote-and-approval flow, strip unnecessary columns before file uploads, avoid internal URLs or regulated personal data unless approved, and avoid webhook_url unless you control the callback endpoint and accept the job metadata disclosure.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Intent-Code Divergence

Medium
Confidence: 93%
Finding
The skill advertises a `webhook_url` callback flow in the agent rules and examples, but the endpoint definitions do not document it as a supported parameter or describe its trust/privacy model. That mismatch can cause agents to send job metadata to arbitrary third-party endpoints without clear user notice, validation expectations, or security constraints, creating a real data-disclosure and integration-risk issue.

Missing User Warnings

Medium
Confidence: 96%
Finding
The README instructs agents to send email addresses, URLs, and domain data to a third-party hosted endpoint, but it does not provide any explicit privacy, retention, logging, or data-handling notice. Because these inputs can contain sensitive personal, internal, or security-relevant information, users and agents may transmit data off-platform without informed consent or adequate safeguards, increasing confidentiality and compliance risk.

Vague Triggers

Medium
Confidence: 89%
Finding
The invocation guidance is very broad and repeatedly pushes agents to use the remote service whenever emails or URLs appear, even for ordinary tasks where network validation may be unnecessary. In an agent ecosystem, this can normalize over-sharing user-provided identifiers to an external operator and trigger needless paid external calls.

Missing User Warnings

Medium
Confidence: 95%
Finding
Webhook usage is presented as a normal async integration path, but there is no nearby warning that job metadata will be transmitted to another endpoint chosen by the caller. Without explicit notice and safeguards, users or downstream agents may unintentionally exfiltrate identifiers such as job IDs and status/error details to third parties.

Ssd 3

Medium
Confidence: 92%
Finding
The skill normalizes sending bulk sensitive contact data to a third-party hosted service after only a billing confirmation step. Cost confirmation is not equivalent to informed privacy consent, so this guidance can lead agents to transmit email lists or contact databases without sufficient user understanding of the disclosure.

Ssd 3

Medium
Confidence: 94%
Finding
The example workflow directly instructs agents to upload a user's Excel contact file to the hosted service, which encourages external disclosure of a potentially large private dataset. Because examples strongly shape agent behavior, this materially increases the risk of accidental privacy violations.

VirusTotal

62/62 vendors flagged this skill as clean.
