Imap Smtp Email (Disabled)

Security checks across malware telemetry and agentic risk

Overview

This is a coherent email tool, but it stores mailbox credentials locally and can send or change email with limited built-in safeguards.

Install only if you trust the publisher with access to the configured mailbox. Prefer a dedicated mailbox or revocable app password, keep file allowlists narrow, do not commit the .env file, expect setup to send a test email, and require human review before sending email, attaching files, downloading attachments, or changing read/unread state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding:
The skill can send emails, mark messages read or unread, and download message content/attachments, but the user-facing description and notes do not prominently warn that these actions can modify mailbox state and affect external recipients. In an email tool, that omission is risky because users may invoke actions with real-world consequences such as accidental outbound mail, privacy exposure, or unintended changes to message state.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding:
The script interactively collects an email password or app password and writes it directly into a local .env file in plaintext. Although chmod 600 reduces exposure to other local users, plaintext secret storage still increases the risk of accidental disclosure through backups, shell workflows, repo inclusion, malware, or later unsafe handling by other tools.

Missing User Warnings

Severity: Low
Confidence: 86%
Finding:
After setup, the script automatically initiates an SMTP test that sends an email without a just-in-time confirmation prompt. This is not a severe security flaw by itself, but it can cause unintended outbound network activity, unexpected account side effects, or policy violations in environments where sending mail must be explicitly approved.

VirusTotal

66/66 vendors flagged this skill as clean.
