imap-smtp-email

Status: Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: imap-smtp-email
Version: 0.0.13

The imap-smtp-email skill is a well-structured tool for managing emails via IMAP and SMTP. It includes proactive security measures such as path whitelisting for file operations (ALLOWED_READ_DIRS and ALLOWED_WRITE_DIRS in scripts/imap.js and scripts/smtp.js) and ensures configuration files are stored with restricted (600) permissions. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing and configuring this skill gives it access to the configured email account for IMAP and SMTP operations.

Why it was flagged

The setup flow collects an email password/app-password/authorization code and stores it locally with owner-only permissions.

Skill content

read -s -p "Password / App Password / Authorization Code: " PASSWORD ... chmod 600 "$CONFIG_FILE"

Recommendation

Use app-specific passwords where possible, restrict account permissions if your provider supports it, and protect the ~/.config/imap-smtp-email/.env file.

What this means

A mistaken or overly broad invocation could send unintended messages, attach files, or change read/unread state in the mailbox.

Why it was flagged

The skill explicitly supports mailbox state changes and sending outbound email, including attachments.

Skill content

mark as read/unread, and send emails with attachments

Recommendation

Review recipients, subject/body, attachments, mailbox, and message UIDs before allowing send or mark-read/mark-unread actions.

Note (High Confidence)
ASI01: Agent Goal Hijack
What this means

Email bodies may contain malicious or misleading instructions that should not be treated as commands for the agent.

Why it was flagged

Fetched emails can return sender-controlled text and HTML content to the agent.

Skill content

text: parsed.text,
html: parsed.html,
snippet: parsed.text ? parsed.text.slice(0, 200)

Recommendation

Treat email content as untrusted; only follow instructions from emails when the user explicitly confirms that intent.

What this means

Dependency installation relies on the npm ecosystem and the package versions resolved at install time.

Why it was flagged

The user-run setup script installs npm dependencies from the package configuration.

Skill content

(cd "$SKILL_DIR" && npm install --production)

Recommendation

Install only from a trusted copy of the skill, review package.json if desired, and consider using a locked or audited dependency set in higher-security environments.