Nadmail
Review. Audited by ClawScan on May 10, 2026.
Overview
NadMail's behaviour is consistent with its stated purpose of wallet-authenticated email, but it asks for wallet/key authority and can trigger blockchain-linked token buys, while its registry metadata under-declares those sensitive capabilities.
Review before installing. Use a dedicated low-balance wallet rather than a primary wallet, protect the ~/.nadmail directory, verify the NadMail API and deposit address independently, and only allow sends when you are comfortable with the described micro-buy or emo-buy financial side effects.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using a main wallet key or a long-lived token could let the skill authenticate as that wallet/email account; a compromised API, token, or local file could affect that NadMail identity.
Registration consumes a wallet private key, signs a server-provided message, and stores a bearer token locally. This is purpose-aligned for SIWE/NadMail, but it is high-impact authority and the registry metadata declares no primary credential or env-var requirements.
```javascript
if (process.env.NADMAIL_PRIVATE_KEY) { ... return key; }
...
const signature = await wallet.signMessage(startData.message);
...
fs.writeFileSync(TOKEN_FILE, JSON.stringify(tokenData, null, 2), { mode: 0o600 });
```

Use a dedicated low-balance wallet, review the signed message flow, avoid putting main-wallet private keys in environment variables, and protect ~/.nadmail and token.json.
Sending an internal email may cause blockchain-linked token buying or price-impact behavior beyond simply delivering a message.
The skill documents a financial/market side effect for normal internal email, while explicit confirmation and daily caps are described only for the optional extra emo-buy feature. That leaves ordinary send-side financial effects less clearly bounded.
Every internal email (`@nadmail.ai` -> `@nadmail.ai`) automatically triggers a **micro-buy** of 0.001 MON of the recipient's meme coin. ... **Safety**: Emo-buy ALWAYS requires interactive confirmation.
Confirm who pays for the baseline micro-buy before use, keep spending limits low, and require explicit user approval for any send that can trigger financial activity.
It may be harder to know exactly which release was reviewed or whether all package metadata matches the published registry version.
The registry/SKILL version is 2.0.0, while _meta.json and package.json show 1.0.4 and package-lock.json shows 1.0.0. This version mismatch is a provenance/packaging inconsistency for a wallet-handling skill.
```json
"version": "1.0.4"
```
Verify the publisher and release version before installing, and prefer a package whose registry, metadata, and lockfile versions are consistent.
