Zoho Mail

Name: zoho-mail
Author: byungkyu

View on ClawHub↗

Share on X Share on LinkedIn Share on Bluesky

70High

The skill risks arbitrary code execution via unsanitized

ThreatsCI SM CS BC S HITL

Behavior Analysis

Mismatch detected — The stated purpose implies direct access to the Zoho Mail API with managed OAuth. However, the skill actually proxies all requests through a third-party Maton gateway, requiring a Maton API key and relying on Maton's infrastructure to manage the Zoho Mail OAuth authentication.

Claims to do

Zoho Mail: Access the Zoho Mail API with managed OAuth authentication. Send, receive, search, and manage emails with full folder and label management.

Actually does

This skill executes Python scripts to make HTTP requests to `https://gateway.maton.ai` and `https://ctrl.maton.ai`. It uses the `MATON_API_KEY` environment variable for authentication. The `gateway.maton.ai` endpoint acts as a proxy to the `mail.zoho.com` API, handling Zoho Mail OAuth tokens internally, while `ctrl.maton.ai` manages these OAuth connections.

Threat Analysis

AI Agent Traps ↗Scanned 4/15/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoning1 finding

Cognitive StateMemory & Learningclean

Behavioural ControlAction1 finding

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namebyungkyu/zoho-mail

Registryclawhub

Version1.0.5

PURLpkg:clawhub/byungkyu/zoho-mail@1.0.5

Stars8

Downloads12,595

Installs7

Source

Repository ↗

SHA-2568ba9a55749d8...

SHA-111d1c7c7e7c5...

MD5ecdde6076e42...

TLSH559277d19801...

ssdeep384:B9E0KuK8...

Size19,575 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

OpenClawDocs

https://clawhub.ai/byungkyu/zoho-mail

12,595 downloads7 installs

ClawHubDocs

openclaw skills install byungkyu/zoho-mail

Assessments (2)

AI Agent Traps ↗

Arbitrary Command Execution via Python Blockshighcommand execution

The skill content heavily relies on `python <<'EOF' ... EOF` blocks for demonstrating API calls. If an agent's input is not properly sanitized before being used to construct or execute these commands, it could lead to arbitrary code execution within the agent's environment.

90% confidenceline 20

```bash
python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://gateway.maton.ai/zoho-mail/api/accounts')
req.add_header('Authorization', f'Bearer {os.environ["MATON_API_KEY"]}')
print(json.dumps(json.load(urllib.request.urlopen(req)), indent=2))
EOF
```

Description Mismatchlowdescription mismatch

The stated purpose implies direct access to the Zoho Mail API with managed OAuth. However, the skill actually proxies all requests through a third-party Maton gateway, requiring a Maton API key and relying on Maton's infrastructure to manage the Zoho Mail OAuth authentication.

85% confidence

Base URL: `https://gateway.maton.ai/zoho-mail/{native-api-path}`. The gateway proxies requests to `mail.zoho.com` and automatically injects your OAuth token. All requests require the Maton API key in the Authorization header.

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/clawhub/byungkyu/zoho-mail.svg)](https://mondoo.com/ai-agent-security/skills/clawhub/byungkyu/zoho-mail)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/clawhub/byungkyu/zoho-mail"><img src="https://mondoo.com/ai-agent-security/api/badge/clawhub/byungkyu/zoho-mail.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/clawhub/byungkyu/zoho-mail.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow