Gmail Sender
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill’s Gmail-sending purpose is clear, but it asks for a Gmail App Password while referring to a `gmail-send` executable that is not included in the reviewed package.
Do not provide a Gmail App Password or run `gmail-send` unless the actual executable source is included and trusted. If you use this skill, use a dedicated app password, verify each recipient and message before sending, and only configure cron jobs deliberately.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could end up running unreviewed code with access to their Gmail sending credential.
SKILL.md instructs users to make and run `gmail-send`, but that executable is not included in the reviewed artifacts. Because the missing helper would receive the Gmail App Password, its behavior cannot be verified here.
2 file(s): SKILL.md (2084 bytes), _meta.json (25 bytes); No code files present — this is an instruction-only skill.
Provide the `gmail-send` source in the package, add an install spec or clear provenance, and do not run any separately obtained executable with a Gmail App Password unless it has been reviewed.
Anyone or any process that can access these environment variables may be able to send email through the configured Gmail account.
The skill requires a Gmail account credential. This is expected for Gmail SMTP sending, but it gives the tool delegated authority to send mail as that account.
export GMAIL_USER="your-email@gmail.com"; export GMAIL_APP_PASSWORD="xxxxxxxxxxxxxxxx"
Use a dedicated Google App Password, expose it only to trusted commands, and revoke it immediately if the skill or environment is compromised.
If invoked with the wrong recipient or content, the skill could send unintended emails from the user’s Gmail account.
The documented command can send arbitrary message content to arbitrary recipients. That matches the skill purpose, but email sending is an external action with user-impacting consequences.
./gmail-send "recipient@example.com" "Subject" "Body text"
Require clear user approval for recipients and message contents before invoking the sender, especially for external or bulk recipients.
A configured cron job could continue sending emails on a schedule until the user removes it.
The skill documents scheduled recurring execution through cron. This is user-directed and aligned with automated reports, but it creates ongoing behavior after setup.
Cron job integration: 0 9 * * 1-5 ~/.openclaw/scripts/gmail-send "you@example.com" "Morning Report" "$(date)"
Only add scheduled jobs intentionally, document where they are installed, and remove or disable them when no longer needed.
