Skill v1.0.0
ClawScan security
QQ Email Manager · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 4:47 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is internally consistent: a local Python IMAP/SMTP email client for Tencent/QQ/other IMAP providers that stores account credentials in a local config file and uses them to connect to the mail servers it documents.
- Guidance: This skill appears to implement a straightforward local IMAP/SMTP client and is coherent with its description. Before installing or using it: (1) review the full script yourself (or have a trusted reviewer) to confirm no unexpected network calls exist beyond IMAP/SMTP; (2) avoid writing real mailbox passwords into a repository or shared skill directory; use an application-specific password and store credentials in your agent's secret manager or a protected location, and limit file permissions; (3) prefer OAuth/app-passwords for providers that support them (Gmail); (4) verify TLS settings and that you trust the hosts configured in the JSON; (5) if you stop using the skill, remove the credentials from the config file. If you'd like, I can scan the rest of the truncated script content for specific patterns (posting to external endpoints, subprocess calls, or obfuscated code) if you provide the remaining lines.
Review Dimensions
- Purpose & Capability (ok): Name/description (Tencent enterprise email manager) match the code and instructions: the script uses imaplib/smtplib to list, read, send, reply, forward, mark and search mail. No unrelated services or credentials are requested.
- Instruction Scope (ok): SKILL.md instructs the user to edit a local config/email-config.json with IMAP/SMTP host and account credentials and to run the provided Python script. The runtime instructions and file accesses (the config file under the skill directory) align with the stated email-management purpose and do not request other system files or collect unrelated data.
- Install Mechanism (ok): No install spec is provided and the skill includes a single Python script. No remote downloads or package installs are required by the skill itself, minimizing installation risk.
- Credentials (note): The skill does not declare environment variables or secret inputs in the manifest but requires the user to place plaintext credentials (username/password or application password) into config/email-config.json. That is proportionate to the function (mail access) but has privacy/security implications: credentials are stored in a file inside the skill directory rather than integrated with a secret manager or using declared env vars.
- Persistence & Privilege (ok): The skill is not always-enabled and runs only when invoked. It does not request elevated system-wide privileges or modify other skills' configuration. Autonomous invocation is allowed (platform default) but not combined with other red flags.
