Bee Push Email

What to consider before installing: - This skill performs a system-wide install (creates /opt/imap-watcher, a systemd unit at /etc/systemd/system/, and a system user) and requires root to run the installer — only install on machines you control and trust. - You will need to provide IMAP credentials (email + password or app-specific password) at install time — use an app-specific password where possible. - The installer will attempt to read your OpenClaw configuration to obtain a Telegram bot token (used only to register bot commands) and a gateway token. The bot token is read but not stored; the OpenClaw gateway token may be written to /opt/imap-watcher/watcher.conf (chmod 600) so the non-root service can call 'openclaw agent --deliver'. This stored gateway token grants the service ongoing ability to invoke your OpenClaw gateway — only proceed if you accept that. - The installer may download the 'himalaya' binary from GitHub Releases via curl|tar into /usr/local/bin; verify this is acceptable for your environment. - Auto-reply is disabled by default, but if you enable auto-reply (auto_reply_mode = 'true') the agent may reply to email senders — keep it off or 'ask' if you want safer behavior. - Practical steps: review the packaged scripts (setup.py, imap_watcher.py, telegram_commands.py, uninstall.sh) yourself or with a sysadmin; back up any tokens and rotate them after install if concerned; run the installer interactively and verify the agent prompts for explicit consent as the SKILL.md requires; consider running this on an isolated host or VM if you are unsure. Why I marked this 'benign (medium confidence)': the implementation, files, and instructions match the described purpose and the behaviors (systemd service, token reading) have plausible reasons, but the skill reads and persists sensitive local tokens and uses curl|tar installation for a binary — these are elevated actions that warrant explicit user review and consent.