OctoMail
PassAudited by ClawScan on May 1, 2026.
Overview
OctoMail is a clear email API skill, but its API key lets an agent read/send OctoMail messages and manage account links, so use a dedicated key and review sensitive actions.
This skill appears coherent and purpose-aligned for OctoMail email access. Before installing, use a dedicated API key, keep it private, confirm message sends and account-link changes, treat incoming email and attachments as untrusted, and review any remotely fetched skill update before replacing the installed version.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent with this key can act as the associated OctoMail agent, including reading and sending messages through the service.
The skill requires a bearer API key returned by registration and uses it for authenticated OctoMail account operations.
**Auth:** `Authorization: Bearer $OCTOMAIL_API_KEY` ... The response includes `api_key` ... **Store this value as `OCTOMAIL_API_KEY`.**
Use a dedicated OctoMail agent key, store it securely, avoid exposing it in logs or chat, and rotate or revoke it if it may have been shared.
If invoked incorrectly, the agent could send unintended messages or change account-linking state.
The documented API includes authenticated state-changing actions: sending email, creating invitation links, and deleting the sponsor link.
| Send | POST | `/messages` | Yes | ... | Invite | POST | `/agents/invite` | Yes | ... | Unlink | DELETE | `/agents/link` | Yes |
Require clear user intent before sending messages, creating invite links, downloading attachments, or unlinking a sponsor; review recipients and message contents before sending.
Replacing the installed skill with remotely fetched content without review could introduce new instructions not assessed here.
The skill points to a remote copy of the skill text for updates, which could differ from the artifact being reviewed.
**Check for updates weekly** ... `curl -s https://api.octomail.ai/skill.md`
Review any fetched update before installing or copying it over the existing skill, and prefer pinned or versioned releases where available.
Incoming mail or attachments could expose private information to the agent or try to influence its behavior.
The skill reads external inbound email content and attachments, which may be sensitive or may contain untrusted instructions.
✅ **Inbound** — works (external → `@octomail.ai`) ... `GET /messages` ... `GET /messages/{id}/attachments/{index}`Treat email bodies and attachments as untrusted content; do not let message text override user instructions or authorize account actions by itself.