Mail Sender (Jaskies)

Review

Audited by ClawScan on May 10, 2026.

Overview

This skill does what it says—send email over SMTP—but it can immediately send messages from the user's email account without a built-in confirmation or scoping guard.

Install only if you want the agent to be able to send email through your account. Use a Gmail App Password or equivalent limited credential, avoid your main password, and require the agent to show the full recipient, subject, and body for approval before each send.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If an agent invokes this skill with configured credentials, it can send real emails from the user's account, which may be hard to undo.

Why it was flagged

The script accepts an arbitrary recipient and sends the message immediately after logging in. No artifact shows a built-in confirmation, preview, recipient restriction, or rate/scope control.

Skill content

parser.add_argument("--to-email", required=True, help="Recipient email address")
...
smtp.login(smtp_user, smtp_pass)
...
smtp.send_message(msg)

Recommendation

Use this only with explicit user approval for each message, review recipient/subject/body before sending, and consider adding a draft-or-confirm step before smtp.send_message.

What this means

Anyone or any agent workflow with access to these credentials could send mail through the configured account.

Why it was flagged

The skill reads SMTP credentials from environment variables or command-line arguments and uses them to authenticate. This is expected for SMTP sending, but it grants authority over the user's email account.

Skill content

parser.add_argument("--smtp-user", default=os.getenv("SMTP_USER"), help="SMTP username")
parser.add_argument("--smtp-pass", default=os.getenv("SMTP_PASS"), help="SMTP password")
...
smtp.login(smtp_user, smtp_pass)

Recommendation

Use a dedicated app password, store it securely, revoke it when no longer needed, and declare SMTP_USER/SMTP_PASS in the skill metadata so users understand the credential requirement.