Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gmail Cleaner

v1.0.0

Clean and organize Gmail accounts in bulk. Use when asked to clean Gmail, remove spam, trash newsletters/promotional emails, bulk-delete emails by sender, cr...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description match the included scripts (auth, scan, clean, deep_clean, organize, restore). The code requires OAuth credentials JSON and token .pkl files (as documented) and calls the Gmail API for listing/labeling/trashing/deleting — all expected for a Gmail cleanup tool. There are no unrelated environment variables, binaries, or external services requested.
Instruction Scope
SKILL.md instructs running the included scripts with token/credentials paths and describes expected scopes. The scripts only read the provided credentials/token files, interact with the Gmail API, create labels/filters, and modify messages. They do not reference unrelated system paths or hidden external endpoints other than Google APIs. The instructions advise dry-run mode and warn about irreversible deletes.
Install Mechanism
There is no formal install spec, but each script will attempt to install required Python packages at runtime via os.system pip install if imports fail. Installing packages from PyPI at runtime is common but carries moderate risk (silent installs, no pinned versions). There are no downloads from untrusted URLs or archives in the skill itself.
Credentials
No environment variables or unrelated credentials are requested. The only persistent data are OAuth credentials JSON (user-supplied) and token pickle files stored by default under ~/.openclaw/workspace — this is proportional and documented. The tool asks for Gmail scopes appropriate for its operations (modify, readonly, settings).
Persistence & Privilege
always:false and model-invocation is normal. The skill writes token files to its own workspace location and creates Gmail filters/labels in the user's Gmail account (expected). It does not modify other skills or system-wide agent settings.
Assessment
This skill appears to be what it claims: a Gmail bulk-cleaner built around the Gmail API. Before installing/using it:
1) Review and obtain your own Google OAuth credentials JSON from Google Cloud Console (do not use credentials/token files from untrusted sources).
2) Use the --dry-run option to verify which messages will be affected before allowing deletions.
3) Be aware the scripts store tokens as pickle (.pkl) files — do not load token files from untrusted parties, and protect the token files' filesystem permissions.
4) The scripts auto-install Python packages via pip at runtime; consider pre-installing and pinning versions in a controlled environment (or run inside a virtualenv/container) to reduce supply-chain risk.
5) Limit scopes requested when possible (use 'basic' instead of 'all' unless you need filter creation), and back up important mail before running mass delete/purge operations.
