AgentMail sending and receiving with Python scripts
Pass
Audited by ClawScan on May 1, 2026.
Overview
This appears to be a straightforward AgentMail email helper, but it does use an API key, can send/read/mark emails, and stores downloaded mail locally.
Install this only if you are comfortable giving the scripts access to the specified AgentMail inbox. Use a dedicated API key, confirm the inbox and recipient placeholders before sending, remember that checking mail marks unread messages as read, and delete downloaded MAIL.* files when finished.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using this skill is granting it the ability to act through the AgentMail account associated with the API key.
The skill requires an AgentMail API key stored in a local .env file, giving the scripts delegated access to the user's AgentMail inbox.
    cat > ~/.openclaw/workspace/agentmail/.env << 'EOF'
    AGENTMAIL_API_KEY=am_us_.....
    EOF
Use a dedicated, least-privilege AgentMail key if available, store the .env file carefully, and remove or rotate the key when it is no longer needed.
Running the checker may change the unread/read status of messages in the AgentMail inbox.
The receive workflow makes an account-state change by marking every fetched unread message as read. This is disclosed and aligned with the mail-checking purpose.
This downloads all unread messages as JSON files into the workspace directory and marks them as read.
Run the mail checker only when you are ready for unread messages to be marked read, and verify the target inbox identity before use.
Email contents may remain on disk after checking mail, and inbound email text is untrusted content that should not be blindly treated as instructions.
Downloaded email content, including message bodies, is persisted as local JSON files where it may later be read or reused by the agent.
Each message is saved as `MAIL.<YYYYMMDDTHHmmss>.<NNN>` ... The JSON inside contains ... "text": "Plain-text body...", "html": "<p>HTML body...</p>"
Review downloaded mail before acting on it, avoid following instructions embedded in unexpected emails, and delete MAIL.* files when they are no longer needed.
Future installs could pull newer package versions than the author tested.
The setup instructions install external Python packages without pinned versions. This is normal for a small Python integration but means package provenance and version changes matter.
uv pip install --python venv/bin/python agentmail python-dotenv ... venv/bin/pip install agentmail python-dotenv
Install from trusted package sources and consider pinning known-good versions of agentmail and python-dotenv for repeatable use.
