agentmail-mcp

SUSPICIOUS: The skill is largely purpose-aligned for an email MCP integration and uses same-brand domains plus a same-org public repo, which argues against outright malware. However, it forwards an API key through MCP infrastructure, includes unpinned package execution, and grants an AI agent the ability to send real-world emails; this makes it a moderate-to-high security risk despite being plausibly legitimate.