Ravenclaw - Email Bridge
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill matches its email-bridge purpose, but it can send or schedule emails and forward inbox contents to Discord with limited documented approval, scoping, or credential boundaries.
Use this only if you trust the local Ravenclaw bridge and understand that it can send emails, schedule future emails, read your inbox, and optionally forward messages to Discord. Prefer a dedicated email account, restrict allowed recipient domains, keep the API on localhost, protect the .env file, and review scheduled emails regularly.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent invokes the skill incorrectly or too broadly, it could send or schedule emails from the user's account.
These documented operations can create, schedule, or cancel outgoing email messages. The artifacts show direct high-impact actions but do not describe an explicit approval step or skill-level recipient/domain limits.
**API Call:** `POST /send` ... **API Call:** `POST /schedule` ... **API Call:** `POST /schedule/cancel/<id>`
Require explicit user confirmation before sending, scheduling, or canceling emails, and document/enforce recipient or domain limits for the bridge.
Private email contents could be sent to a Discord channel if the webhook is configured.
Inbox data may be forwarded to a Discord webhook. The forwarding is disclosed, but the artifacts do not clearly bound which messages are forwarded, whether each forward is approved, or how sensitive email content is protected after forwarding.
**Behavior:**
- Fetches new emails from POP3 server
- Forwards to Discord (if configured)
- Updates inbox JSON
Only configure Discord forwarding for non-sensitive inboxes, clearly document filtering and retention, and consider requiring per-check or per-message approval.
Compromise or misuse of the local bridge could affect the user's email account or Discord webhook.
The bridge requires email account credentials and may use a Discord webhook. This is expected for the stated purpose, but it gives the bridge delegated access to the user's email account and Discord destination.
EMAIL_HOST=mail.yourdomain.com
EMAIL_USERNAME=your@email.com
EMAIL_PASSWORD=yourpassword
...
DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/...
Use a dedicated email account or least-privilege credentials where possible, protect the .env file, and rotate credentials if the bridge or machine is compromised.
Email contents may remain available locally after an inbox check.
The skill can retrieve all inbox messages and the bridge stores inbox state in JSON. This is purpose-aligned but creates persistent local sensitive data.
**API Call:** `GET /inbox` ... **Behavior:** ... Updates inbox JSON
Document where inbox JSON is stored, who can read it, and how users can delete or expire stored email data.
Users may need to trust external code that was not included in this skill review before providing email credentials.
The skill delegates sensitive email operations to a Ravenclaw service that users must install/run separately, while the registry metadata does not provide a verified source or homepage for the skill package.
Source: unknown
Homepage: none
Install specifications: No install spec — this is an instruction-only skill.
Install Ravenclaw only from a trusted source, review its code and configuration, and verify that the local API is not exposed beyond the intended machine.
