ClawHub

ClawEmail Admin

v1.0.0

Provision and manage @clawemail.com Google Workspace email accounts. Use when the user wants to create an email for their AI agent, check email availability, or manage existing ClawEmail accounts.

1· 1.4k·2 current·2 all-time
by@cto1·duplicate of @cto1/claw-admin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description claim to provision/manage @clawemail.com accounts and the SKILL.md only requires a single CLAWEMAIL_API_KEY and documents API endpoints on https://clawemail.com — this is proportionate for that purpose.
Instruction Scope
All instructions are limited to calling clawemail.com endpoints (check/create/list/suspend/delete) and to handling returned credentials (one-time password and OAuth connect URL). The SKILL.md does not instruct the agent to read other files, system state, or unrelated environment variables.
Install Mechanism
No install spec or code is included (instruction-only skill). Nothing is written to disk by an installer here, which minimizes installation risk.
Credentials
Only CLAWEMAIL_API_KEY is required which matches an admin API. This single credential is proportional, but it is high-impact (it can create/delete Workspace accounts), so key scope and storage/rotation policies matter.
Persistence & Privilege
always is false and there is no indication the skill modifies other skills or system-wide settings. It does not request permanent presence or elevated platform privileges.
Assessment
This skill appears coherent for managing @clawemail.com Google Workspace accounts, but before installing: 1) Verify the provider and domain (clawemail.com) and confirm you trust the operator — the skill has no homepage or publisher information. 2) Treat CLAWEMAIL_API_KEY as highly sensitive: limit its scope, store it securely, and plan key rotation. 3) Understand returned artifacts (one-time passwords and OAuth credentials) are sensitive; avoid storing them in plaintext and ensure any OAuth scopes granted are acceptable. 4) Clarify ambiguous text (e.g., “OpenClaw credentials”) with the author if needed. 5) Prefer using user self-signup flow (Stripe checkout) if you cannot verify the service. If you need higher assurance, ask the publisher for documentation, a privacy/terms page, or a verifiable homepage before providing the API key.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f99vwse9a7w2h0p0jez98sh80ne7c

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🦞 Clawdis
EnvCLAWEMAIL_API_KEY
Primary envCLAWEMAIL_API_KEY

Comments