Gmail Local

Pass

Audited by VirusTotal on May 10, 2026.

Overview

Type: OpenClaw Skill
Name: gmail-local
Version: 1.0.0

The gmail-local skill provides standard IMAP/SMTP functionality for Gmail using local credentials. The Python script (scripts/gmail_local.py) implements good security practices by enforcing strict file permissions (0600) on the credential file and hardcoding official Google endpoints. It includes a mandatory confirmation flag for sending emails to prevent accidental or unauthorized automated mailing.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone or any process that can use this credential file may be able to access the Gmail account through IMAP/SMTP.

Why it was flagged

The skill requires a Gmail app password, which grants delegated access to the user's Gmail account for the stated IMAP/SMTP purpose.

Skill content

Requires GMAIL_ADDRESS and GMAIL_APP_PASSWORD_FILE... Local 0600 file containing the Google App Password.

Recommendation

Use a dedicated Google App Password, keep the file owned by the user with 0600 permissions, and revoke the app password if it is no longer needed or may have been exposed.

What this means

If misused, the skill could send unintended email from the user's Gmail account.

Why it was flagged

The helper can send email through Gmail SMTP, but it includes a confirm-send gate and the SKILL.md instructs explicit user approval before sending.

Skill content

if not args.confirm_send: _fail("send requires --confirm-send after explicit user approval") ... smtp.send_message(msg, from_addr=address, to_addrs=recipients)

Recommendation

Before any send, review the recipient list, subject, and body preview, and only allow --confirm-send after explicit user approval; avoid bulk or automated sending.

What this means

Private email content may be exposed to the agent context, and malicious email text could try to influence the agent if treated as instructions.

Why it was flagged

Reading a message prints email body text into the agent's context, which can include private data or untrusted instructions from external senders.

Skill content

print(_message_text(msg, args.max_chars))

Recommendation

Treat email contents as untrusted data, do not follow instructions found inside messages without user confirmation, and read only the messages needed for the task.