ClawHub

send-email

Send emails via SMTP. Configure in ~/.openclaw/openclaw.json under skills.entries.send-email.env.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
5 · 5.5k · 37 current installs · 37 all-time installs
by@fontStep
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description match the included Python script which sends SMTP mail; requiring python3 is appropriate. However the skill does not declare the SMTP environment variables in its metadata even though they are required at runtime. There is also an additional shell script that uses msmtp/mutt and ~/.msmtprc — tools not declared in the manifest and not mentioned in SKILL.md's required binaries.
!
Instruction Scope
SKILL.md explicitly instructs the agent not to read config files and to rely on OpenClaw injecting env vars at runtime. That is unusual but not inherently bad. The bigger concern: SKILL.md tells the agent to run the Python script only, yet the package also contains send_email.sh which references ~/.msmtprc, msmtp and mutt (and could be invoked by an agent or user). SKILL.md forbids using ~/.msmtprc, but send_email.sh explicitly references it — a contradictory instruction that could lead to using local mail credentials unexpectedly.
Install Mechanism
No install spec (instruction-only) and included code lives in workspace; nothing is downloaded or executed on install. This is low-risk from installation mechanics.
!
Credentials
The skill requires sensitive SMTP credentials (EMAIL_SMTP_PASSWORD etc.) which are reasonable for an email sender, but those env vars are not declared in the manifest/metadata (registry shows none). That lack of declaration reduces transparency. Also the shell script can rely on ~/.msmtprc which may expose other account credentials unrelated to this skill.
Persistence & Privilege
Skill is not always-loaded and uses default model-invocation behavior. It does not request persistent privileges or modify other skills/system configuration.
What to consider before installing
This skill's Python email sender is coherent and appears safe for sending mail when provided with SMTP credentials. However: - The package does not declare the required SMTP env vars in its metadata; double-check that OpenClaw will actually inject EMAIL_SMTP_SERVER, EMAIL_SMTP_PORT, EMAIL_SENDER and EMAIL_SMTP_PASSWORD before enabling. - The repository contains a shell script (send_email.sh) that uses msmtp/mutt and ~/.msmtprc; SKILL.md explicitly tells the agent not to use ~/.msmtprc, but the script references it — verify the agent will only run the Python script and not the shell script. The shell script could cause use of other local mail configs/credentials. - If you enable this skill, consider testing with a throwaway email account/app-password first, and confirm via logs which executable was run. If you want to reduce risk, only allow user-invoked runs (disable autonomous invocation for this skill) or remove/rename the shell script so the agent cannot call it by mistake. If you want me to, I can produce a trimmed version that only exposes the Python script and updates the skill metadata to declare required env vars, or show how to run a safe test with a disposable account.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.1
Download zip
latestvk9750mawdmc796ey9232vdzv4n80ezp3

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📧 Clawdis
Any binpython3

SKILL.md

Send Email

Send emails via the Python script. SMTP settings are injected by OpenClaw at runtime when the script runs (from ~/.openclaw/openclaw.jsonskills.entries.send-email.env). Do not read any config file (e.g. ~/.openclaw/openclaw.json or workspace/openclaw.json) — that would expose credentials in tool output. Just run the script; env is injected automatically. Do not use ~/.msmtprc.

Configuration

Configure in ~/.openclaw/openclaw.json:

"skills": {
  "entries": {
    "send-email": {
      "enabled": true,
      "env": {
        "EMAIL_SMTP_SERVER": "smtp.163.com",
        "EMAIL_SMTP_PORT": "465",
        "EMAIL_SENDER": "your-email@163.com",
        "EMAIL_SMTP_PASSWORD": "YOUR_AUTH_CODE"
      }
    }
  }
}
VariableDescription
EMAIL_SMTP_SERVERSMTP server, e.g. smtp.163.com, smtp.gmail.com
EMAIL_SMTP_PORTPort, 465 (SSL) or 587 (TLS)
EMAIL_SENDERSender email address
EMAIL_SMTP_PASSWORDAuthorization code / app password (163/QQ: auth code; Gmail: App Password)

Agent instructions

  1. Credentials: Never read config files. OpenClaw injects skills.entries.send-email.env when the script runs — do not use the read tool on ~/.openclaw/openclaw.json or workspace/openclaw.json (exposes secrets). If the skill is enabled, assume env is configured; do not ask the user for passwords. Do not use ~/.msmtprc.
  2. Send mail: Run the script under workspace (do not use the path under node_modules): 
    python3 ~/.openclaw/workspace/skills/send-email/send_email.py "recipient" "Subject" "Body"
  3. Attachment: python3 ~/.openclaw/workspace/skills/send-email/send_email.py "recipient" "Subject" "Body" "/path/to/file.pdf"

Usage examples

python3 ~/.openclaw/workspace/skills/send-email/send_email.py 'recipient@example.com' 'Subject' 'Body text'
python3 ~/.openclaw/workspace/skills/send-email/send_email.py 'recipient@example.com' 'Subject' 'Body' '/path/to/file.pdf'

SMTP reference

  • 163: smtp.163.com:465, requires authorization code (not login password)
  • Gmail: smtp.gmail.com:587, requires App Password
  • QQ: smtp.qq.com:465, requires authorization code

Troubleshooting

  • Authentication failed: Check that EMAIL_SMTP_PASSWORD is the authorization code or App Password.
  • Connection failed: Check EMAIL_SMTP_SERVER and EMAIL_SMTP_PORT.

Files

4 total
Select a file
Select a file to preview.

Comments

Loading comments…