Proton Bridge Email
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill appears to do what it claims—send mail through Proton Bridge—but it gives the agent access to Bridge email credentials and the ability to send real emails.
Install this only if you want the agent to be able to send email through your Proton Bridge account. Keep the encrypted credential file and age key private, delete the temporary plaintext env file after setup, keep the SMTP host pointed at localhost, and consider requiring confirmation before automated emails are sent.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent process that can decrypt these credentials can send email through the configured Proton Bridge account.
The skill intentionally handles Proton Bridge account credentials and briefly relies on a plaintext setup file before encryption.
The encrypted file should contain at least: - `PROTON_EMAIL` - `PROTON_BRIDGE_USER` - `PROTON_BRIDGE_PASS` ... 2) Create a temporary plaintext env file (e.g., `/tmp/proton.env`), then encrypt it:
Use only a Proton Bridge password, keep the age key protected, restrict file permissions, and delete the temporary plaintext env file after encryption.
If invoked with the wrong recipient or file, it could send unintended or sensitive content by email.
The helper can send an email to a supplied recipient and can read the email body from a supplied local file path.
ap.add_argument("--to", required=True)
...
body_group.add_argument("--body-file")
...
s.send_message(msg)Use explicit approval or recipient allowlists for automated workflows, and only pass body files that are intended to be emailed.
Installing external packages changes the local system and depends on obtaining the installer from the authentic provider.
The documented setup asks the user to install an external Proton Bridge package with system package privileges.
Download: https://proton.me/mail/bridge ... sudo apt install ./protonmail-bridge_*.deb
Download Proton Bridge only from Proton's official site, verify the package when possible, and run the install command manually rather than through an unreviewed automation path.