ClawHub

Zoho Mail

v1.0.5

Zoho Mail API integration with managed OAuth. Send, receive, and manage emails, folders, and labels. Use this skill when users want to send emails, read mess...

8· 12.5k·5 current·7 all-time
by@byungkyu
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
CryptoCan make purchasesRequires OAuth token
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Zoho Mail integration with managed OAuth) match the runtime instructions and required environment variable. The single required env var (MATON_API_KEY) is exactly what you'd expect for a gateway-managed OAuth proxy.
Instruction Scope
All instructions show HTTP calls to the Maton gateway (gateway.maton.ai, ctrl.maton.ai) and examples use only MATON_API_KEY; they do not read unrelated files or other secrets. Note: the skill proxies user email traffic through Maton's endpoints rather than calling Zoho directly, so email content and metadata will flow through a third party (maton.ai).
Install Mechanism
No install spec and no code files (instruction-only); nothing is written to disk or fetched at install time, which is low-risk and consistent with the skill being a documentation/instruction wrapper.
Credentials
Only MATON_API_KEY is required, which is proportionate. However, that key is a powerful bearer credential for the Maton gateway (it can authorize access to users' Zoho mail via Maton's managed OAuth), so treat it as highly sensitive.
Persistence & Privilege
always is false and the skill does not request system-wide privileges or modify other skills. Autonomous invocation (default) is allowed but is normal for skills; nothing in the skill requests elevated persistence.
Assessment
This skill is internally consistent, but be aware that it routes all Zoho Mail API operations through Maton's gateway (gateway.maton.ai / ctrl.maton.ai). The MATON_API_KEY you provide is a bearer token capable of accessing email data via that gateway, so only provide it if you trust maton.ai and the account that issued the key. Recommended steps before installing: (1) verify Maton's reputation and privacy policy, (2) issue and store MATON_API_KEY in a secrets manager (not plain environment variables in shared environments), (3) limit or rotate the key if possible, and (4) confirm you are comfortable with a third party proxying your email content rather than using a direct Zoho OAuth integration. If you need higher assurance, request source or audit information from the publisher (maton) or prefer a direct Zoho integration that uses your own OAuth client credentials.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dg8vxap3em7bwv0ng20bb6s84dynp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🧠 Clawdis
EnvMATON_API_KEY

Comments