Skill v1.0.6
ClawScan security
alimail · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 1:55 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and code match its stated purpose (querying an enterprise AliMail user directory) and there are no disproportionate installs, unrelated credentials, or suspicious network endpoints.
- Guidance: This skill appears to do exactly what it says: authenticate with AliMail and query user records. Before installing, ensure you trust the source and supply valid ALIMAIL_CLIENT_ID and ALIMAIL_CLIENT_SECRET for a service account with only the needed query permissions. Be aware the skill will read ~/.openclaw/openclaw.json as a fallback for credentials; if you store secrets there, they are accessible to any code that reads that file. Test with least-privilege credentials and verify network calls go to your organization's alimail endpoint. If you need stronger guarantees, review the main.py source and host a vetted copy in your environment.
Review Dimensions
- Purpose & Capability (ok): Name/description request access to ALIMAIL_CLIENT_ID and ALIMAIL_CLIENT_SECRET, which is expected for OAuth2 API access to an AliMail user query endpoint. The included code calls alimail-cn.aliyuncs.com and returns email/employeeNo/name as promised.
- Instruction Scope (ok): SKILL.md and main.py limit behavior to authenticating and calling the AliMail user query API. The only non-API file access is an optional read of ~/.openclaw/openclaw.json to load credentials when environment variables are missing; otherwise the agent is not instructed to read or transmit unrelated files or data.
- Install Mechanism (ok): No install spec. The skill is instruction/code-only and only depends on the well-known requests package declared in requirements.txt. Nothing is downloaded from third-party URLs or written to system locations.
- Credentials (ok): Only two environment variables are required (ALIMAIL_CLIENT_ID and ALIMAIL_CLIENT_SECRET), which are appropriate for the client_credentials OAuth2 flow. The code may also read those values from ~/.openclaw/openclaw.json as a fallback; this is reasonable but means the file can contain the same secrets.
- Persistence & Privilege (ok): The skill does not request always:true and does not modify other skills or system-wide settings. It only reads (not writes) the user's OpenClaw config as a fallback and sets process env for its own run.
