ClawHub

eml to sqlite indexer

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate email indexing tool, but its local web admin features can delete email files, restore data, and run with a known default admin password.

Review before installing. Change the admin password in config.json before starting the web app, keep it bound to trusted local access or a protected network, and treat emails.db, CSV exports, and backup ZIPs as private email archives. Use delete and restore only after taking a separate backup, and pin/audit the Python dependencies in a controlled environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The documentation advertises physical file deletion and database restore features but does not clearly warn that deletion is irreversible and that restore operations may overwrite or replace current data. In a skill handling large email archives, this increases the chance of operator error leading to permanent data loss or unintended rollback of sensitive records.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation advertises web-based deletion of both database records and physical email files, but it does not prominently warn users that the action is destructive and may be irreversible. In a skill handling potentially large email archives, missing safety guidance increases the likelihood of accidental mass data loss or operator misuse.

Missing User Warnings

Low
Confidence
87% confidence
Finding
The backup feature states that older backups are automatically deleted based on retention count, but the documentation does not clearly warn that historical recovery points will be removed. This can lead administrators to assume backups accumulate indefinitely, causing avoidable loss of rollback capability.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The restore capability is described as a simple upload action without warning that restoration may overwrite, replace, or merge with existing indexed data. In a data-management skill, ambiguous restore semantics can cause unintended corruption, duplication, or replacement of the active dataset.

Unpinned Dependencies

Low
Category
Supply Chain
Content
flask
tqdm
Confidence
95% confidence
Finding
flask

Unpinned Dependencies

Low
Category
Supply Chain
Content
flask
tqdm
Confidence
91% confidence
Finding
tqdm

Known Vulnerable Dependency: flask — 8 advisory(ies): CVE-2025-47278 (Flask uses fallback key instead of current signing key); CVE-2018-1000656 (Flask is vulnerable to Denial of Service via incorrect encoding of JSON data); CVE-2019-1010083 (Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory u) +5 more

High
Category
Supply Chain
Confidence
89% confidence
Finding
flask

Known Vulnerable Dependency: tqdm — 3 advisory(ies): CVE-2024-34062 (tqdm CLI arguments injection attack); CVE-2016-10075 (TDQM Arbitrary Code Execution); CVE-2016-10075 (The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to e)

High
Category
Supply Chain
Confidence
82% confidence
Finding
tqdm

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal