ClawHub
Back to skill

Security audit

Gmail

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Gmail CLI helper that needs Gmail credentials but includes clear safeguards for reading mail and confirming changes.

Install only if you are comfortable granting the PortEden CLI access to the Gmail account involved. Use a separate profile for work or personal mail, confirm the exact account and message before sends/deletes/modifications, and log out or revoke Google access when the task is finished or if a token may be exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.