Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
myskil
v1.0.1Monitor Outlook and other common webmail inboxes in a persistent Edge profile, process new messages as a detached local background task, capture complete mes...
⭐ 0· 26·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to run a persistent webmail monitor via scripts under scripts/webmail_monitor_cli.ps1 and Python shims, but the published bundle contains only SKILL.md (no scripts, no code, no install). The SKILL.md expects local scripts, dependency installation, and a 'webmail-monitor' shim to exist or be bootstrapped, yet the package provides none and declares no required env/config. That incoherence means the skill as published cannot perform its stated purpose without fetching or creating code at runtime.
Instruction Scope
The instructions explicitly tell the agent to run PowerShell with ExecutionPolicy Bypass to start a detached background monitor, capture full message screenshots, download attachments to the desktop, and write logs and Excel files. Those actions require broad local file and browser profile access and have persistence implications. The SKILL.md gives concrete runtime commands (powershell -ExecutionPolicy Bypass -File scripts/...) even though those files are missing, which is a red flag for hidden fetch/exec behavior if the agent or user follows the instructions.
Install Mechanism
There is no install spec in the registry entry, but the SKILL.md says the CLI 'auto-runs a bootstrap step that installs missing Python dependencies and refreshes the local webmail-monitor shim.' That implies dynamic installation or downloading code at runtime, yet no trusted source/URL or release host is specified. The lack of included code plus an implied bootstrapping installer is a risky mismatch.
Credentials
The skill declares no required environment variables or config paths, but the instructions require access to an Edge profile, the user's Desktop, and persistent runtime files (runtime/monitor.log, desktop workbook/folders). Asking for none of these in metadata while instructing operations on sensitive local artifacts is inconsistent and prevents pre-install review of what credentials or profiles will be used.
Persistence & Privilege
The skill is explicitly designed to run as a detached, persistent background process on the user's machine and to keep an Edge profile open for mailbox login. Although the registry flags do not force 'always: true', the technical behavior described (ExecutionPolicy Bypass, background daemon, PID tracking, persistent profile reuse) gives it substantial local persistence. Combined with the missing scripts/install details, this raises risk of long-lived code running without clear provenance.
What to consider before installing
Do not run or allow unsigned PowerShell scripts you didn't review. Before installing or running this skill: (1) ask the publisher for the actual scripts and their cryptographic provenance (source repo, release URL, or a package you can inspect); (2) request an explicit install spec and a list of network hosts the bootstrap will contact; (3) review the contents of any scripts (especially those run with ExecutionPolicy Bypass) to ensure they don't download arbitrary code or persist startup tasks; (4) consider running in a sandboxed or VM environment first; (5) be aware this will access your browser profile, download email attachments to your Desktop, and keep a long-running background process — only proceed if you trust the code and understand those implications.Like a lobster shell, security has layers — review code before you run it.
latestvk978px60jefy7f9hr3cx8xmc65841pmx
License
MIT-0
Free to use, modify, and redistribute. No attribution required.