Inbox
ReviewAudited by ClawScan on May 10, 2026.
Overview
This instruction-only inbox skill is mostly purpose-aligned, but some linked guidance contradicts its stated limits by encouraging automated sending, declining, archiving, and tracking without clear user-approval or storage boundaries.
Install only if you want an inbox-coaching framework, not an autonomous inbox operator. Before using it with any email, chat, calendar, or project-management tools, require the agent to show drafts and proposed actions for approval, and do not allow persistent tracking unless you explicitly choose where that data is stored and how it can be deleted.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used with email or chat tools, the agent could send replies the user did not review, creating privacy, business, or relationship harm.
This describes a fully automated outbound response path. Sending messages is high-impact account behavior, and the artifact does not define clear confirmation, revocation, or boundary rules for what counts as safely pre-approved.
| **Pre-approved auto-send** | FAQ answers, link requests | Fully automated |
Treat all generated replies as drafts unless the user explicitly approves each send or has separately configured a narrow, revocable pre-approved rule.
An agent with calendar or messaging tools could decline invitations or contact people automatically, potentially causing missed meetings or unwanted communications.
The skill recommends automatic calendar declines and automatic follow-up nudges. These mutate external accounts and communications, but the instructions do not require user approval for each action or define safe thresholds.
- Auto-decline low-priority with polite response ... - Auto-nudge after configurable interval (default: 5 days)
Require explicit user confirmation before declining invitations or sending nudges, and make any automation rules narrow, visible, and easy to disable.
Sensitive information about messages, contacts, and user behavior could be retained or reused without the user understanding where it is stored or how long it persists.
Tracking these patterns over time implies retaining sensitive inbox metadata and user behavior, but the skill declares no storage, retention, or deletion controls and SKILL.md says it does not store messages or inbox data.
Track patterns: - Same item snoozed 3+ times - Item opened but not acted on repeatedly - Consistently skipped in batch processing
Keep tracking session-only by default, or require explicit opt-in with clear storage location, retention period, deletion controls, and redaction of sensitive message content.