email-skill

SUSPICIOUS. The overall purpose and capabilities are mostly coherent for an email skill, but the trust story is incomplete: the platform API/proxy endpoint is unnamed, a transitive imap-smtp-email component is not evidenced, and the skill allows autonomous outbound email actions with automatic provider fallback. This is not confirmed malware, but it carries meaningful security risk due to credential scope, outbound messaging authority, and unverifiable data-routing details.