openclaw-protonmail

clawhub:openclaw-protonmail

A
100/100

First Seen: Feb 18, 2026

Last Scanned: Feb 22, 2026

Findings: 2

Score: 100/100

LOW: 2

Findings (2)

LOW
Hardcoded secrets in MCP env block
L32

Detects hardcoded API keys, tokens, or passwords in MCP server environment configuration

"env": { + "PROTONMAIL_BRIDGE_PASSWORD": "bridge-generated-password"
FIX

Remove shell metacharacters (semicolons, pipes, ampersands, backticks) from MCP server arguments. Use explicit argument arrays and avoid shell expansion in MCP configurations.

FP?

Likely FP if the metacharacter is a literal part of a non-shell argument (e.g., a regex pattern or a URL query parameter containing ampersands).

LOW
Unrestricted email or messaging access
L62

Detects CLI tools granting unrestricted send/read access to email or messaging

mail send --to
FIX

Restrict email and messaging API access to user-initiated actions. Prevent automated sending that could exfiltrate data via email body or attachments.

FP?

Likely FP if the skill is an email client or messaging tool whose documented purpose is to send messages on behalf of the user.