Back to plugin

Security audit

bee-push-email

Security checks across malware telemetry and agentic risk

Overview

This appears to be what it claims: an email-monitoring OpenClaw plugin, though it has powerful rule-triggered agent actions and auto-reply features that should be used carefully.

If you install this, assume it can read new messages in the configured mailbox and, depending on your rules, mark/move messages, notify you, wake the agent, or ask/auto-reply. Use an app-specific email password, keep `auto_reply_mode` set to `false` or `ask` unless you are comfortable with automated replies, and avoid broad `agent_command` rules that let arbitrary incoming email trigger sensitive agent actions. Confidence is medium because some source files were omitted from the provided artifact, especially the action/rule execution files; a full review of those would increase confidence.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal

Static analysis

No suspicious patterns detected.