ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agentmail

v0.1.1

Give the agent its own dedicated email inbox via AgentMail. Send, receive, and manage email autonomously using agent-owned email addresses (e.g. hermes-agent...

0· 282·0 current·0 all-time
byAgung Prabowo@agungprabowo123
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
Name/description match the instructions: this is an AgentMail integration that gives agents inboxes. However the registry metadata claims no required env vars or primary credential, while SKILL.md explicitly requires an AgentMail API key (am_...) and Node.js. That metadata omission is an incoherence — the skill will need a secret but the registry entry does not declare it.
Instruction Scope
Runtime instructions are narrowly scoped to creating/managing agent-owned inboxes and do not ask to read the user's personal email. They do instruct you to add AGENTMAIL_API_KEY into ~/.hermes/config.yaml (agent framework config) and to restart Hermes, which modifies agent configuration and places a secret into a file accessible to the agent environment. This is expected for this integration but worth noting because it centralizes the API key where other agent code could access it.
!
Install Mechanism
No formal install spec in the registry, but SKILL.md directs runtime installs: 'pip install mcp' and using 'npx -y agentmail-mcp'. Both will fetch and execute third-party code (PyPI/npm) at install/runtime. Using npx/pip is common but is a moderate risk because it downloads remote packages — review the agentmail-mcp npm package and the GitHub repo before running.
!
Credentials
Requesting an AgentMail API key is proportionate to the stated purpose. The problem is the registry metadata does not advertise this required credential, and the instructions advise storing the key in ~/.hermes/config.yaml which may expose the secret to any agent or process that can read that config. No other unrelated credentials are requested.
Persistence & Privilege
The skill does not request always:true and does not declare system-wide privileges. It asks the user to update their Hermes config to add an MCP server entry (normal for adding tools). It does not instruct modifying other skills or system config beyond the agent's own Hermes config.
What to consider before installing
This skill appears to be what it says (an AgentMail integration) but has some red flags you should consider before installing: 1) Metadata mismatch — the public record says no credentials required, but the SKILL.md requires an AgentMail API key. Ask the publisher/registry to correct metadata before trusting it. 2) Secrets handling — the instructions ask you to paste AGENTMAIL_API_KEY into ~/.hermes/config.yaml; that file may be readable by other agents or processes. Prefer storing secrets with least privilege (use an env var with restricted file permissions or a secrets manager) and avoid putting high-value keys in plaintext config if possible. 3) Code provenance — SKILL.md directs you to run 'pip install mcp' and 'npx -y agentmail-mcp', which will fetch code from PyPI/npm. Inspect the agentmail-mcp package (npm) and the linked GitHub repo (https://github.com/agentmail-to/agentmail-mcp) to verify publisher identity, check recent commits, and review the package contents before running. 4) Use a throwaway/test AgentMail account first (or a limited-permission key) to validate behavior and limits (free tier stated). 5) If you proceed, restrict the key's permissions (if AgentMail supports it), set tight file permissions on the config file, and monitor outgoing traffic for unexpected destinations. If the publisher cannot explain the metadata mismatch or provide trustworthy package sources, do not install.

Like a lobster shell, security has layers — review code before you run it.

latestvk975768h0c4m3e77hy0wr7m5cs82tcsm
282downloads
0stars
2versions
Updated 4h ago
v0.1.1
MIT-0
Agung Prabowo@agungprabowo123
latest
Download

AgentMail — Agent-Owned Email Inboxes

Requirements

  • AgentMail API key (required) — sign up at https://console.agentmail.to (free tier: 3 inboxes, 3,000 emails/month; paid plans from $20/mo)
  • Node.js 18+ (for the MCP server)

When to Use

Use this skill when you need to:

  • Give the agent its own dedicated email address
  • Send emails autonomously on behalf of the agent
  • Receive and read incoming emails
  • Manage email threads and conversations
  • Sign up for services or authenticate via email
  • Communicate with other agents or humans via email

This is NOT for reading the user's personal email (use himalaya or Gmail for that). AgentMail gives the agent its own identity and inbox.

Setup

1. Get an API Key

2. Configure MCP Server

Add to ~/.hermes/config.yaml (paste your actual key — MCP env vars are not expanded from .env):

mcp_servers:
  agentmail:
    command: "npx"
    args: ["-y", "agentmail-mcp"]
    env:
      AGENTMAIL_API_KEY: "am_your_key_here"

3. Restart Hermes

hermes

All 11 AgentMail tools are now available automatically.

Available Tools (via MCP)

ToolDescription
list_inboxesList all agent inboxes
get_inboxGet details of a specific inbox
create_inboxCreate a new inbox (gets a real email address)
delete_inboxDelete an inbox
list_threadsList email threads in an inbox
get_threadGet a specific email thread
send_messageSend a new email
reply_to_messageReply to an existing email
forward_messageForward an email
update_messageUpdate message labels/status
get_attachmentDownload an email attachment

Procedure

Create an inbox and send an email

  1. Create a dedicated inbox:
    • Use create_inbox with a username (e.g. hermes-agent)
    • The agent gets address: hermes-agent@agentmail.to
  2. Send an email:
    • Use send_message with inbox_id, to, subject, text
  3. Check for replies:
    • Use list_threads to see incoming conversations
    • Use get_thread to read a specific thread

Check incoming email

  1. Use list_inboxes to find your inbox ID
  2. Use list_threads with the inbox ID to see conversations
  3. Use get_thread to read a thread and its messages

Reply to an email

  1. Get the thread with get_thread
  2. Use reply_to_message with the message ID and your reply text

Example Workflows

Sign up for a service:

1. create_inbox (username: "signup-bot")
2. Use the inbox address to register on the service
3. list_threads to check for verification email
4. get_thread to read the verification code

Agent-to-human outreach:

1. create_inbox (username: "hermes-outreach")
2. send_message (to: user@example.com, subject: "Hello", text: "...")
3. list_threads to check for replies

Pitfalls

  • Free tier limited to 3 inboxes and 3,000 emails/month
  • Emails come from @agentmail.to domain on free tier (custom domains on paid plans)
  • Node.js (18+) is required for the MCP server (npx -y agentmail-mcp)
  • The mcp Python package must be installed: pip install mcp
  • Real-time inbound email (webhooks) requires a public server — use list_threads polling via cronjob instead for personal use

Verification

After setup, test with:

hermes --toolsets mcp -q "Create an AgentMail inbox called test-agent and tell me its email address"

You should see the new inbox address returned.

References

Comments

Loading comments...