aaaaa
v1.0.0Automatically draft and send Gmail replies matching the client's tone, sign-off, and templates, requiring Gmail access and client profile for context.
⭐ 0· 702·1 current·1 all-time
by@azvast
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md and manifest describe a Gmail auto-reply tool (drafting and optionally sending replies using templates and client profiles) which is coherent. However, the top-level provided skill name ('aaaaa') does not match the manifest's name ('Gmail Auto-Reply for Client'), and the registry metadata declares no required credentials even though the skill plainly needs Gmail access (OAuth2/app password) to operate. This packaging/name inconsistency and lack of declared credential requirements reduce transparency.
Instruction Scope
The runtime instructions stay on topic: gather client brief, draft replies, use templates, and only send when authorized. The SKILL.md explicitly says to obtain credentials from environment or secure config and to default to returning drafts for user approval. It does not instruct the agent to read unrelated files or exfiltrate data to third-party endpoints other than using user-configured Gmail/IMAP/SMTP send paths.
Install Mechanism
This is an instruction-only skill with no install spec and no code files requiring downloads or execution. That minimizes install-time risk; nothing is written to disk by the package itself.
Credentials
The skill needs sensitive credentials (Gmail OAuth2 or app password) to actually send messages, but the registry metadata lists no required env vars or primary credential. SKILL.md instructs using environment or secure config but does not specify expected variable names or scopes. The absence of declared credential requirements in the metadata is a transparency gap and increases risk of misconfiguration or user error (e.g., storing creds insecurely or the agent being given overly broad credentials).
Persistence & Privilege
The skill does not request 'always: true' and has no install-time hooks or claims to modify other skills or global agent settings. It is user-invocable and uses normal autonomous invocation settings, which is expected for this type of skill.
What to consider before installing
This skill appears to implement an email auto-reply workflow, but there are transparency issues you should resolve before installing or providing credentials:
- Do not hand over raw Gmail credentials to the skill files. Prefer OAuth2 with limited scopes and a proper authorization flow.
- Ask the publisher which environment variable names or config keys the agent will look for and how credentials are stored/used. The package metadata currently lists no required env vars despite needing Gmail access.
- Verify the skill's publisher and homepage. The manifest claims a descriptive name, but the provided top-level name is 'aaaaa' and there is no homepage—this mismatch could indicate sloppy packaging or an untrusted source.
- Keep auto-send disabled until you test drafts thoroughly. The SKILL.md defaults to requiring approval, which is good—ensure that setting is enforced.
- Review and customize templates and 'do not reply' rules before enabling any automation. Limit the agent's send capability to narrow labels/senders if possible.
- If you decide to use it, use OAuth tokens with minimal scope and be prepared to revoke them if you stop using the skill.
If the publisher cannot clarify the credential handling, variable names, and the identity mismatch, consider avoiding installation or requesting a version with clearer metadata and a legitimate homepage/source.Like a lobster shell, security has layers — review code before you run it.
latestvk9759vztytkweq3xtvd2qyr2m9816fzv
License
MIT-0
Free to use, modify, and redistribute. No attribution required.