Clawemail

The skill is classified as suspicious due to the extensive use of `curl` and `python3 -c` commands in `SKILL.md` with placeholders (e.g., `MESSAGE_ID`, `FILE_ID`, email content). These commands, if populated by the AI agent with unsanitized user input, present a significant risk of shell injection or command injection. While the `scripts/token.sh` handles sensitive OAuth credentials and performs network requests to legitimate Google endpoints, the overall design exposes a broad attack surface for prompt injection against the agent if input sanitization is not rigorously applied by the agent itself.