Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Clawaimail
v0.2.8
Give your AI agent a real email address. Send, receive, and manage emails via API.
by focusailab @joansongjr
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, SKILL.md, and index.js all align: the skill exposes mailbox creation and send/receive/search via an API. However, the registry metadata claims no required env vars, while the code and SKILL.md clearly expect CLAWAIMAIL_API_KEY (and server.json marks it required). This metadata omission is inconsistent.
Instruction Scope
Runtime instructions and SKILL.md stay inside the stated purpose: they describe configuring an MCP server, setting an API key, and using tools (list_inboxes, send_email, etc.). The only notable behavior is automatic provisioning of a default inbox (index.js will auto-create an inbox if none exist), which is within the email service domain but worth knowing.
Install Mechanism
There is no install spec in the registry (instruction-only), but the package includes index.js, package.json, and a package-lock with normal npm dependencies. The code relies on @modelcontextprotocol/sdk and zod from npm — no arbitrary download URLs or obfuscated installers. The absence of an install section while shipping runnable code (and a listed npm package) is a mild inconsistency to be aware of.
Credentials
The skill requires a CLAWAIMAIL_API_KEY at runtime (index.js reads process.env.CLAWAIMAIL_API_KEY and will fail without it); SKILL.md instructs how to set it. Yet the registry metadata presented earlier lists no required env vars. This mismatch could lead to users supplying credentials without clear registry prompts, or conversely installing the skill thinking no secret is needed. No other unrelated credentials are requested.
Persistence & Privilege
The skill does not request always:true, does not attempt to modify other skills' configs, and only uses its own config/cache (a cached default inbox). It will perform network calls to the service API (expected for an email service).
What to consider before installing
This skill's functionality (create inboxes, send/receive/search) matches the code and README, but there are metadata mismatches you should resolve before trusting it. Actionable steps:
- Do not supply your real/high-privilege keys until you confirm the service and publisher (verify https://clawaimail.com and the GitHub repo linked in SKILL.md). The code will use CLAWAIMAIL_API_KEY from the environment and will auto-create an inbox if none exist.
- The registry metadata omitted required env vars — ask the publisher or registry maintainer to correct this. Treat that omission as a red flag for sloppy packaging.
- Prefer creating a purpose-limited API key on the provider side (if supported) and run the skill in a compartmentalized environment or with a key you can revoke.
- Note the default BASE_URL can be overridden via CLAWAIMAIL_BASE_URL; ensure this points to the official API endpoint to avoid sending credentials to an unexpected host.
- If you need higher assurance, review the upstream npm package (clawaimail-mcp) and the GitHub repo, and check the package's npm integrity and maintainers before installing or running with your primary credentials.
index.js:7
Environment variable access combined with network send.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
