ClawHub

ShellMail - Email Built for AI Agents

v1.0.12

Email API for AI agents. Check inbox, read emails, extract OTP codes, search messages via ShellMail. Trigger on "check email", "inbox", "otp", "verification...

0· 684·0 current·0 all-time
byAaron Batchelder@aaronbatchelder
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (email/OTP access) match the shipped script and declared requirements: the skill needs curl and python3 and a SHELLMAIL_TOKEN to call shellmail.ai endpoints. No unrelated credentials, binaries, or endpoints are requested.
Instruction Scope
SKILL.md instructs the agent to create/recover addresses, check inbox, read emails, extract OTPs, and to save the returned SHELLMAIL_TOKEN into agent configuration using gateway config.patch. Those steps are within the skill's purpose, but the instructions explicitly ask to persist a sensitive token and to collect a recovery email (PII) during setup; the README warns about this and instructs to request explicit user confirmation before saving the token.
Install Mechanism
No install spec (instruction-only) and a small included shell wrapper; nothing is downloaded or extracted at install time. Risk from installation is low.
Credentials
Only SHELLMAIL_TOKEN is required (plus optional SHELLMAIL_API_URL). These are proportionate to an email/OTP access skill. No unrelated secret or system credentials are requested.
Persistence & Privilege
always:false (no forced inclusion). However, SKILL.md explicitly instructs storing the SHELLMAIL_TOKEN into the agent's config (gateway config.patch), which grants persistent access to the inbox/OTPs until revoked. This persistence is functionally necessary but materially increases the skill's long‑term access; the skill warns users to confirm before saving the token.
Assessment
This skill appears to do exactly what it says — it's a thin CLI wrapper around shellmail.ai that needs a bearer token to read/send mail and extract OTPs. Key things to consider before installing: 1) The SHELLMAIL_TOKEN grants full access to the inbox and OTPs; only store it if you trust shellmail.ai and the agent. 2) The skill's setup asks you to persist the token into the agent config (gateway config.patch) — that will give the agent ongoing access until you remove or revoke the token. Follow the SKILL.md advice: show the user the exact config.patch command and get explicit confirmation before executing. 3) Prefer using disposable or non-personal recovery emails and test with non-sensitive accounts. 4) If you want lower blast radius, avoid persisting the token (use session-based tokens or remove the token when finished) or revoke the token after use. 5) The script requires curl and python3 (and optionally jq); it makes only expected calls to shellmail.ai. If you need more assurance, review the upstream project at the provided GitHub link and confirm the token handling and retention policy on shellmail.ai.

Like a lobster shell, security has layers — review code before you run it.

latestvk9788b4pyhnvv1bn4m164h49q582skyh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binscurl, python3
EnvSHELLMAIL_TOKEN

Comments