Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clawemail
v1.0.1
Google Workspace via ClawEmail.com service — Gmail, Drive, Docs, Sheets, Slides, Calendar, Forms. Use PROACTIVELY when the user asks to send email, create documents, manage files, schedule events, or work with any Google service.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description promise (Google Workspace access via a ClawEmail account) lines up with the actual behavior: SKILL.md issues curl calls to gmail.googleapis.com, drive.googleapis.com, etc. The only required credential (CLAWEMAIL_CREDENTIALS) is exactly what an OAuth-based Google integration would need.
Instruction Scope
Runtime instructions are focused on storing a credentials JSON, using the included token.sh to exchange its refresh_token for a Google access token, and calling Google APIs. The instructions reference only the credentials file (~/.config/clawemail/credentials.json), the token cache (~/.cache/clawemail/access_token), and Google endpoints. Note: the skill tells the agent to 'use PROACTIVELY' for any Google-related user requests — that broad invocation policy is intentional but means the skill will be used frequently for many Google operations if allowed.
Install Mechanism
This is instruction-only with a small helper script included. No network installs, package downloads, or archive extraction occur. The helper script uses curl and python3 (already assumed available in SKILL.md examples), which is proportional to the task.
Credentials
Only one env var (CLAWEMAIL_CREDENTIALS) is required, which is appropriate. However that credentials JSON contains client_id, client_secret, and refresh_token — highly sensitive data that grants broad access to the user's Google Workspace. The credential requirement is justified by the described functionality but carries significant privilege and must be protected.
Persistence & Privilege
The skill is not always-enabled and does not request system-wide privileges. It caches the access token under the user's XDG cache directory (~/.cache/clawemail/access_token) and does not modify other skills or system settings.
Assessment
This skill is coherent with its description, but you should treat the CLAWEMAIL_CREDENTIALS file as highly sensitive: it contains a client_secret and refresh_token that can be used to access your Google account. Only install/use this skill if you trust the issuer (ClawEmail.com). Before installing:
(1) inspect the credentials JSON and the included scripts (token.sh) — the script is short and only exchanges the refresh token at https://oauth2.googleapis.com/token and caches the access token;
(2) ensure the credentials file and cache files have restrictive filesystem permissions so others on the machine cannot read them;
(3) consider requesting least-privilege OAuth scopes from the provider instead of full account scopes;
(4) be aware the skill will be used proactively for many Google actions if you allow autonomous invocation — only enable that if you want the agent to act on your Gmail/Drive/Calendar/etc.;
(5) if you ever suspect misuse, revoke the refresh_token from your Google account (or delete the OAuth client) to cut off access.
Like a lobster shell, security has layers — review code before you run it.
latestvk97fekb72vynyka0e6e459gj61810a86
Runtime requirements
🦞 Clawdis
Env: CLAWEMAIL_CREDENTIALS
Primary env: CLAWEMAIL_CREDENTIALS
