ProtonMail

This skill appears to implement a ProtonMail IMAP client and daily digest as described, but there are a few things to consider before installing: - Missing declared dependencies: The registry entry only lists python3, but SKILL.md instructs you to use Docker, git, and the Go toolchain for hydroxide or a Docker image. Expect to need those tools or change the instructions. - Third-party Docker image: SKILL.md recommends shenxn/protonmail-bridge (a community image). Running unverified Docker images can leak credentials or run malicious code. Prefer the official Proton Bridge binary/image or build hydroxide from the reputable emersion/hydroxide source and inspect the code. - Credentials storage: The scripts expect PROTONMAIL_USER and PROTONMAIL_PASS or a plaintext config file at ~/.config/protonmail-bridge/config.env (or the legacy hydroxide bridge-password). Storing bridge passwords in plaintext is a risk—use least-privilege, file permissions, or a credential manager where possible. - Code review: The included Python scripts perform IMAP login, list/fetch messages, and print summaries — there's no obvious obfuscated behavior or external network exfiltration in the scripts, but the Docker image recommended by the instructions is external and not audited. If you will run the Docker image, inspect its Dockerfile/source or run it in an isolated environment. If you want to proceed: (1) prefer official Proton Bridge or compile hydroxide from emersion/hydroxide yourself, (2) confirm required tools (docker/git/go) are installed, (3) keep bridge credentials secure, and (4) run the Docker image in a sandbox or inspect its source before trusting it.