Yahoo Mail IMAP Export

Pass. Audited by VirusTotal on May 9, 2026.

Overview

Type: OpenClaw Skill
Name: yahoomail-export
Version: 1.0.2

The skill bundle provides a legitimate and well-documented pipeline for exporting large Yahoo Mail archives and triaging them using local LLMs (Ollama). While move_to_exports.py contains a hardcoded Yahoo App Password (zgvpnfymmwxebpof), this appears to be a developer oversight or a placeholder rather than a malicious credential harvesting attempt. The logic across all scripts (purge_cycle.py, triage_emails.py, etc.) is consistent with the stated purpose of email migration and local analysis, featuring safety checks like 'delete-after-verify' and local-only data processing.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A misconfiguration, partial local file, or unintended run could remove large numbers of messages from the Yahoo account.

Why it was flagged

The main script performs irreversible IMAP deletion of messages it considers downloaded. This is purpose-aligned for a purge/export workflow, but it is high-impact account mutation that needs explicit user control and backup verification.

Skill content
if delete_after and downloaded_uids: ... uid("store", uid_set, "+FLAGS", "\\Deleted") ... expunge()

Recommendation

Run with dry-run or no-delete first, verify local .eml backups independently, and only enable deletion after confirming the exact mailbox, folders, and retention plan.

What this means

The skill requires mailbox-level access and could normalize putting sensitive app passwords in editable script files.

Why it was flagged

A helper logs into Yahoo IMAP using a literal password value in source, while the registry declares no primary credential or required environment variables.

Skill content
EMAIL = "your-email@yahoo.com"
PASS = "zgvpnfymmwxebpof"
...
m.login(EMAIL, PASS)

Recommendation

Remove hardcoded passwords, use a dedicated Yahoo app password supplied via environment variables or a secret store, and make the credential requirement explicit before use.

Concern, High Confidence
ASI10: Rogue Agents

What this means

The agent could keep running mailbox purge cycles every 15 minutes until the cron job is disabled.

Why it was flagged

The guide recommends a persistent scheduled agent run for the purge cycle. Because the cycle can move and delete mail, persistence materially increases impact if left enabled or misconfigured.

Skill content
openclaw cron create \
  --name "email-purge-cycle" \
  --every 15m \
  --message "Run: cd ~/email-purge && python3 scripts/purge_cycle.py" \
  ...
  --no-deliver

Recommendation

Do not enable cron until manual test runs are complete; add an explicit stop condition, notifications, and a reminder to delete or disable the cron job after the migration.

What this means

Anyone with access to the local export directory may be able to inspect sensitive email summaries and vector-indexed content.

Why it was flagged

The triage pipeline stores email metadata, body previews, and embeddings in a local SQLite database. This is consistent with local search/triage, but it creates a persistent searchable copy of private mail content.

Skill content
DB_FILE = BASE_DIR / "vectors" / "email_index.db" ... parts.append(f"Content: {meta['body_preview'][:1500]}")

Recommendation

Store the export directory securely, limit file permissions, encrypt or delete derived indexes when finished, and avoid indexing mailboxes you do not intend to retain locally.

What this means

A compromised or unexpected local SQLite extension could execute in the Python process.

Why it was flagged

The vector index builder optionally loads a native SQLite extension. This is expected for sqlite-vec support, but native extension loading executes local binary code if present.

Skill content
conn.enable_load_extension(True)
conn.load_extension("vec0")

Recommendation

Install sqlite-vec only from a trusted source and run the pipeline in a controlled local environment.

What this means

Setup may rely on undeclared local packages or services, making it easier to run with the wrong dependencies or trust assumptions.

Why it was flagged

The package includes runnable Python scripts but does not declare install steps, dependencies, or provenance beyond an unknown source/homepage in the registry metadata.

Skill content
No install spec — this is an instruction-only skill.

Recommendation

Review the scripts before running, install dependencies from trusted sources, and document/pin the required Python packages and local services.