Himalaya Cli
Pass
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent instruction-only skill for a real email CLI, but it can access and change your email account, so use it only with trusted configuration and explicit instructions.
Install this only if you want the agent to use Himalaya for your email. Configure credentials with a password manager, keyring, OAuth, or app-specific password rather than plaintext where possible. Confirm all send, reply, forward, move, copy, flag, delete, export, and attachment-download actions before running them, and treat email content and attachments as untrusted.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent using this skill with your configuration may be able to read, send, organize, or delete email in the configured accounts.
The skill requires email account configuration and credentials so the CLI can authenticate to IMAP/SMTP services. That is expected for an email client, but it grants access to private mail and sending authority.
A configuration file at `~/.config/himalaya/config.toml`
3. IMAP/SMTP credentials configured (password stored securely)
Use app-specific passwords or OAuth where possible, prefer a password manager/keyring over plaintext, limit configured accounts to what you intend the agent to access, and revoke credentials if the configuration is exposed.
A mistaken command could send an unintended email, delete the wrong message, or modify mailbox state.
The documented commands include direct sending and deletion of messages. These operations are purpose-aligned for an email CLI, but they can have immediate account or communication impact if run without review.
Send directly using template: `cat << 'EOF' | himalaya template send` ... Delete an Email `himalaya message delete 42`
Require explicit user confirmation before sending, replying, forwarding, moving, copying, flagging, or deleting email; verify recipients, message body, folder, and message IDs before executing.
If the Himalaya config is changed maliciously, a password-retrieval command could execute unintended local commands under the user's account.
The configuration supports running a local command to retrieve passwords. The examples are normal password-manager commands, but any `auth.cmd` entry should be treated as trusted local code.
backend.auth.cmd = "pass show email/imap"
# backend.auth.cmd = "security find-generic-password -a user@example.com -s imap -w"
Inspect `auth.cmd` values before use, keep the config file protected, and prefer trusted password-manager or keyring commands.
Your safety depends partly on the integrity of the Homebrew formula and the upstream Himalaya project.
The skill depends on an external Homebrew-installed binary rather than bundled code. This is appropriate for a CLI wrapper, but the external package is outside the provided artifact scan.
brew | formula: himalaya | creates binaries: himalaya
Install from trusted Homebrew sources, check the upstream project if needed, and keep the CLI updated through normal package-management channels.
