Email 163 Com Backup
Warn
Audited by ClawScan on May 10, 2026.
Overview
This looks like a real 163.com email tool, but it needs review because it under-declares full mailbox credential access and includes commands that can permanently change or delete email.
Install only if you intentionally want to give this skill full access to a 163.com mailbox. Remove or ignore the sample credentials, rotate any exposed auth code, run your own configuration, and require manual approval before sending mail or using delete, batch-delete, move, mark-all, --all, or --expunge commands. Avoid curl|bash or remote tarball installation unless you verify the source.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken or autonomous agent action could permanently remove or broadly change mailbox contents.
This documents a command path that can delete all messages and expunge them. The provided artifacts do not document a confirmation, dry-run, or approval boundary for this destructive operation.
email-163-com batch-delete --all --expunge --verbose
Require explicit user confirmation and a preview of affected message IDs before send, delete, move, mark-all, --all, or --expunge operations. Avoid autonomous use of destructive commands.
Installing or using the skill gives the agent full access to a mailbox for reading, sending, moving, and deleting mail; exposed auth codes should be treated as compromised.
The skill requires a mailbox auth code and includes an account/auth-code-looking value in documentation, while the supplied registry metadata declares no primary credential, env vars, or required config path.
"email": "newolf20000@163.com", "password": "KZtfcUW...Ff9M9"
Remove real credentials from all artifacts, rotate any exposed 163.com auth code, and declare the required credential and config path in metadata so users understand the permission boundary.
If the remote package is replaced or the URL is changed, users could install different code than the reviewed artifact.
The optional installer downloads and extracts a remote tarball without a pinned version, checksum, or signature. It is not shown as automatically executed by the registry install spec, but users who run it rely on an unverified source.
SKILL_URL="https://your-server.com/email-163-com.tar.gz" ... curl -L "$SKILL_URL" ... tar -xzf
Prefer the reviewed ClawHub package, or add a fixed release URL plus checksum/signature verification before extracting and installing.
Users may overtrust the package’s handling of sensitive information and overlook exposed or under-declared credentials.
This claims personal sensitive information was removed, but other provided artifacts include a personal-looking 163.com address and an auth-code-looking password value. That weakens the reliability of the stated security posture.
All personal sensitive information has been redacted from this report, and it can safely be published publicly
Correct the privacy/security claims, remove sensitive examples, and publish a sanitized test report.
