ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clippy - Microsoft 365 CLI

v1.2.0

Microsoft 365 / Outlook CLI for calendar and email. Use when managing Outlook calendar (view, create, update, delete events, find meeting times, respond to invitations), sending/reading emails, or searching for people/rooms in the organization.

5· 4k·11 current·12 all-time
byDreetje@foeken
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (M365/Outlook CLI) match the runtime instructions: the SKILL.md documents calendar, mail, and people/room operations via a local 'clippy' CLI that automates the M365 web UI. Requiring a 'clippy' binary is proportional to the described purpose.
Instruction Scope
Instructions tell the agent/user to run the 'clippy' binary to read/send emails, create/update/delete events, download attachments to arbitrary paths (e.g., ~/Downloads), and to keep a browser session alive by periodically refreshing. These actions are expected for an email/calendar CLI, but they involve reading/writing local files (e.g., ~/.config/clippy/keepalive-health.txt and the profile dir) and opening a browser session that has access to the user's mailbox, which is sensitive. The SKILL.md also references an env var (CLIPPY_PROFILE_DIR) that is not declared in the metadata.
!
Install Mechanism
The skill is instruction-only (no install spec), but the SKILL.md install steps require 'git' and 'bun' (bun install, bun run) to build/link the CLI from https://github.com/foeken/clippy. The metadata only declares the 'clippy' binary as required; 'git' and 'bun' are not listed. Building this project will likely pull Playwright and download browser binaries at install time (large downloads, executes code fetched from GitHub). The lack of an install manifest or declared build dependencies is an incoherence and increases risk.
Credentials
Metadata declares no required env vars or credentials, which is consistent with the approach (interactive browser login). However SKILL.md documents CLIPPY_PROFILE_DIR and expects persistent session files under ~/.config/clippy. While no cloud credentials are requested, session cookies stored locally grant broad mailbox access — an expected but sensitive capability. The skill does not declare these config path dependencies in metadata.
Persistence & Privilege
The skill does not request always:true and is user-invocable. SKILL.md recommends running a keepalive process (systemd/launchd) to maintain a browser session, which creates a persistent local process with regular access to the web session and mailbox data. Autonomous invocation by the agent is allowed (default), so if the binary exists the agent could run clippy commands without further consent — this is normal but combined with recommended persistent keepalive increases the long-term blast radius.
What to consider before installing
This skill appears to be what it claims (a CLI that automates Outlook via a local browser session), but there are mismatches you should consider before installing: (1) The SKILL.md install steps require 'git' and 'bun' to build/link clippy from GitHub, but those tools are not listed in the skill metadata—verify you have the build toolchain and review the repository before running. (2) Clippy uses Playwright/browser automation and stores session/profile data under ~/.config/clippy (or a directory you set with CLIPPY_PROFILE_DIR); those session files (cookies/tokens) effectively give full access to your mailbox—only use with accounts you trust on the machine. (3) The instructions recommend running a persistent keepalive (systemd/launchd), which creates a long-running process that keeps a browser session alive; consider the security implications of a persistent process with mailbox access. (4) If you want more controlled access, prefer an OAuth/App-based integration (Microsoft Graph) rather than browser automation. Before installing: review the upstream repo code (https://github.com/foeken/clippy), confirm the source is trustworthy, ensure you understand where session data will be stored, and avoid using it with highly sensitive accounts or on shared machines.

Like a lobster shell, security has layers — review code before you run it.

latestvk97eyv8p3j3n42xn4xscvjv6397zw39q

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binsclippy

Comments