Skillv1.0.12

ClawScan security

Recipe Create Gmail Filter · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

BenignMar 31, 2026, 6:36 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: This instruction-only recipe is internally consistent: it uses a Gmail CLI (gws) and a gws-gmail prerequisite to create labels and filters for the user's mailbox, and it does not request unrelated permissions or install arbitrary code.
Guidance: This recipe will run gws (a Google Workspace CLI) to modify your Gmail (labels and filters) for the account referenced as 'me'. Before installing: (1) confirm you have a trusted gws/gws-gmail setup and understand the OAuth scopes granted (these tools will need permission to read/create labels and filters), (2) know that the commands will act on your mailbox and may remove messages from INBOX if configured, and (3) replace placeholder values (e.g., LABEL_ID) carefully when following the steps. If you don't already have gws/gws-gmail installed and authorized, the skill alone won't work — the platform or prerequisite skill will handle authentication, so review those components for trustworthiness.

Purpose & Capability: okThe name/description (create a Gmail filter) match the instructions, which call the gws gmail commands to list labels, create a label, and create a filter. Requiring the gws binary and the gws-gmail skill is appropriate for this purpose.
Instruction Scope: okSKILL.md contains only the explicit gws commands needed to list/create labels and filters for userId 'me'. It does not instruct reading unrelated files, environment variables, or sending data to external endpoints beyond the Gmail API via gws.
Install Mechanism: okThis is an instruction-only skill with no install spec and no code files, so nothing is downloaded or written to disk by the skill itself.
Credentials: noteThe skill declares no environment variables itself, which is fine for an instruction-only recipe. However, it relies on the gws binary and the gws-gmail skill; those components will require Google credentials / OAuth consent to access the user's Gmail. Ensure those credentials/scopes are granted intentionally and come from trusted components.
Persistence & Privilege: okThe skill does not request always:true and is user-invocable only. It does not attempt to modify other skills or system-wide settings.