imap-smtp-email

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.70). The set includes an unknown GitHub repo (gzlicanyi/mail-skills) and an unfamiliar third‑party domain (clawhub.ai) that reference installation scripts (e.g., bash setup.sh) which could execute arbitrary code—only the Google app passwords URL is an official/low‑risk link—so treat the bundle as moderately high risk unless you inspect the code and setup script first.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses arbitrary user emails from third-party IMAP servers (see SKILL.md and scripts/imap.js where check/fetch/search call searchMessages and parseEmail using mailparser to ingest email text/HTML and attachments), which are untrusted, user-generated content that can influence subsequent actions like downloading attachments or sending replies.