ClawHub

Inbox Triage

v1.0.0

Email inbox triage for AI agents — scan, categorize, draft replies, surface urgent items, and archive noise. Supports Gmail and IMAP for inbox zero workflows.

0· 307·1 current·1 all-time
by@clawdssen
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The stated purpose (scan, categorize, draft replies, surface urgent items, archive noise) aligns with the instructions: it expects CLI access to email (IMAP or Gmail) and describes triage rules and reply drafting. Asking for CLI tools like himalaya/gmailctl/mutt is coherent for an instruction-only triage skill.
!
Instruction Scope
Instructions explicitly tell the agent to read unread emails and optionally archive or move messages and draft replies (with safeguards). They also reference cross-referencing calendars, escalation via Telegram, and sending reminders — i.e., interacting with other services — but provide no explicit guidance about granting or scoping those additional accesses. The instructions permit automated archive/move actions (even if guarded) and long-term tracking/profiling of senders, which increases data persistence and cross-system behavior beyond a simple 'read-and-report' triage.
Install Mechanism
There is no install spec and no code files; this is instruction-only. That minimizes disk-write/install risk. The skill relies on external CLI tools already provided by the environment, which is typical for this kind of skill.
!
Credentials
The registry metadata lists no required environment variables or primary credential, yet the SKILL.md clearly requires IMAP credentials or OAuth tokens for Gmail and implies credentials for calendar and messaging (Telegram) if escalation/notifications are used. That mismatch (no declared creds vs. instructions needing them) reduces transparency and could cause the agent to request broad credentials at runtime without prior indication.
Persistence & Privilege
always is false and the skill does not ask to modify other skills or system-wide settings. However, the skill recommends building sender profiles, tracking threads in daily memory, and weekly updates — i.e., it expects or encourages persistent state. This is reasonable for triage but should be explicitly consented to and scoped.
What to consider before installing
This is an instruction-only skill that reasonably describes email triage behavior, but it omits important operational details. Before installing: (1) Understand it will need read access to your mailbox (IMAP credentials or Gmail OAuth) and may optionally need access to your calendar and messaging (Telegram) for escalations — only grant the minimum scopes (read-only Gmail/IMAP, limited calendar read) and avoid giving send/modify/delete scopes unless you explicitly want those features. (2) Keep auto-send and destructive actions disabled; enable only draft-and-approve workflows. (3) Test the listed CLI commands manually in a safe account to confirm output and behavior. (4) If you enable auto-archive or long-term sender profiling, review where those archives/profiles are stored and who can access them. (5) Prefer short-lived credentials or OAuth with revocation ability and monitor what the agent does on first runs (dry-run logging). These steps will reduce the risk from the skill's cross-service behavior and the metadata/credential transparency gap.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bs4b69d08k4sw6gr3ry8ry582a58e

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments