Skill v1.0.1

ClawScan security

GitHub 通知自动分拣 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Reviewed: Apr 11, 2026, 8:55 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's behavior (creating sub-mailboxes, resolving a master email, forwarding messages, and writing buffers) is coherent with an email triage tool, but the packaged metadata omits several runtime requirements (mail-cli usage, jq, API key expectations) and therefore the declared requirements are inconsistent with what the instructions actually need.
Guidance
This skill appears to implement email triage, but the package metadata understates its runtime requirements. Before installing, verify you are willing to give the agent access to your mail-cli account and associated API key (the skill will call 'mail-cli clawemail master-user' and create a sub-mailbox). Confirm mail-cli and jq are installed on the host and that you trust the @clawemail/mail-cli package source. Be aware the setup will create/print an auth code for the new sub-mailbox — store it securely. Review where buffer files (memory/gh-triage-buffer-YYYY-MM-DD.json) will be stored and who can read them. If you need stronger guarantees, ask the author to update the skill manifest to explicitly list required binaries and environment variables and to document exactly how credentials are stored/used.

Review Dimensions

Purpose & Capability
Note: The name/description match the runtime instructions: the skill triages GitHub notification emails, forwards urgent items, buffers others, and archives the rest. Requested capabilities (creating a sub-mailbox, sending/marking mail) are consistent with that purpose. However, the skill metadata claims 'no required binaries/env vars' while SKILL.md explicitly requires mail-cli (npm @clawemail/mail-cli) and the setup script uses jq; this mismatch is unexpected and worth attention.
Instruction Scope
OK: Instructions stay within the stated purpose: they read incoming GitHub emails, match patterns in references/triage-rules.md, forward or archive via mail-cli, and write a local buffer file for daily summaries. They do not demand unrelated files or external endpoints beyond the mail system and the user's main email.
Install Mechanism
OK: There is no install spec (instruction-only plus a small setup script), so nothing arbitrary is downloaded or installed by the skill bundle itself. The setup step relies on external tooling (mail-cli and jq) that must already be present; no third-party install URLs are embedded in the skill.
Credentials
Concern: The SKILL.md and setup script require mail-cli configured with an API key and use mail-cli to resolve the master user email, but the skill metadata lists no required environment variables or primary credential. That omission is disproportionate: the skill needs access to mail-cli credentials (and will display auth codes when creating sub-mailboxes), yet the manifest does not declare or request them. The setup script also uses jq, but this is not declared.
Persistence & Privilege
OK: The skill does not request always:true and does not modify other skills or system-wide settings. It instructs adding a cron schedule inside OpenClaw for daily summary runs (normal for an email automation). Autonomous invocation is allowed (default), which is expected for a triage automation.