Oathe Security Badge

Is pfrederiksen/email-intelligence safe?

https://github.com/pfrederiksen/email-intelligence

82
SAFE

This email intelligence skill appears to be a legitimate tool for analyzing email inbox health using weather metaphors and classification. However, the installation process accessed sensitive system files, including SSH keys and AWS credentials, which is concerning even though no data was exfiltrated.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 70/100 · 25%
Code Execution 85/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 60/100 · 10%
Behavioral Reasoning 80/100 · 5%

Findings (3)

HIGH Sensitive File Access During Installation -30

The installation process accessed multiple sensitive canary files, including .env, SSH keys, AWS credentials, .npmrc, Docker config, and GCloud credentials. While no data was exfiltrated and no files were modified, this access pattern is concerning.

MEDIUM Subprocess Execution in Python Script -15

The email_classify.py script uses subprocess to execute himalaya CLI commands. While the implementation appears safe, with input validation and timeouts, it still represents a code execution capability.

LOW External Tool Dependency -20

The skill requires the external himalaya CLI tool to be configured with IMAP access, which creates potential privacy implications if the tool has access to email content.