Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Gws Gmail

v1.0.14

Gmail: Send, read, and manage email.

2 · 2.6k · 36 current · 38 all-time
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description align with a CLI wrapper for Gmail and the declared required binary ('gws') is appropriate. However the skill does not declare any auth/credential environment variables even though Gmail access requires authentication; instead it points to an external ../gws-shared/SKILL.md for auth, which is not part of this package and is not documented in the registry metadata.
! Instruction Scope
Runtime instructions explicitly tell the agent to read ../gws-shared/SKILL.md for auth, global flags, and security rules — a relative path outside this skill. The instructions also link to multiple helper SKILL.md files in sibling directories (../gws-gmail-send, etc.). These references mean the agent will attempt to read external files whose contents are unknown; they may contain further credential requests or privileged actions. The skill does not describe what the shared file contains or why it is safe to load.
Install Mechanism
No install spec and no code files — this is instruction-only and therefore does not write new binaries or download code. This is lower-risk from an install perspective, assuming the 'gws' binary is legitimate and preinstalled.
! Credentials
The skill declares no required environment variables or primary credential, yet it provides Gmail functionality that necessarily requires authentication. The missing credential declaration combined with an instruction to read an external shared SKILL.md for auth is an incoherence: either auth is handled outside the skill (which should be documented) or the skill is failing to declare required secrets. This ambiguity prevents assessing whether requested access is proportional.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges in the metadata. It appears to rely on running the existing 'gws' binary at invocation time only.
What to consider before installing
This skill looks like a thin wrapper around a local 'gws' CLI for Gmail and is instruction-only. Before installing or enabling it: (1) verify where the 'gws' binary comes from and that it's a trusted, up-to-date provider; (2) locate and inspect the referenced ../gws-shared/SKILL.md and the sibling helper SKILL.md files (gws-gmail-send, gws-gmail-read, etc.) to see how authentication is performed and what credentials or scopes are required; (3) confirm where credentials are stored/loaded by 'gws' (env vars, config files, OAuth browser flow) and whether those locations are acceptable; and (4) if you cannot inspect the shared files or cannot confirm the provenance of 'gws', treat the skill as risky. Providing the contents of the referenced ../gws-shared/SKILL.md or the helper SKILL.md files would change this assessment to higher confidence.

Plugin bundle (nix)
Skill pack · CLI binary · Config
CLI help (from plugin)
gws gmail --help

Runtime requirements

Bins: gws
latest: vk977agpxq16c3wc6nm30khk4hs83zetr
2.6k downloads
2 stars
15 versions
Updated 2h ago
v1.0.14
MIT-0

gmail (v1)

PREREQUISITE: Read ../gws-shared/SKILL.md for auth, global flags, and security rules. If missing, run gws generate-skills to create it.

gws gmail <resource> <method> [flags]

Helper Commands

Command      Description
+send        Send an email
+triage      Show unread inbox summary (sender, subject, date)
+reply       Reply to a message (handles threading automatically)
+reply-all   Reply-all to a message (handles threading automatically)
+forward     Forward a message to new recipients
+read        Read a message and extract its body or headers
+watch       Watch for new emails and stream them as NDJSON

API Resources

users

  • getProfile — Gets the current user's Gmail profile.
  • stop — Stop receiving push notifications for the given user mailbox.
  • watch — Set up or update a push notification watch on the given user mailbox.
  • drafts — Operations on the 'drafts' resource
  • history — Operations on the 'history' resource
  • labels — Operations on the 'labels' resource
  • messages — Operations on the 'messages' resource
  • settings — Operations on the 'settings' resource
  • threads — Operations on the 'threads' resource

Discovering Commands

Before calling any API method, inspect it:

# Browse resources and methods
gws gmail --help

# Inspect a method's required params, types, and defaults
gws schema gmail.<resource>.<method>

Use gws schema output to build your --params and --json flags.
