163mail

Suspicious

Audited by ClawScan on May 10, 2026.

Overview

The mail features are mostly purpose-aligned, but the package ships what appears to be a real 163.com authorization code in a populated config.json, disables TLS certificate verification on the IMAP connection, and includes unadvertised scripts that send fixed emails to a hardcoded recipient as soon as they run.

Review carefully before installing. Do not use the bundled config.json; revoke or discard the exposed authorization code, delete the hardcoded send scripts unless you intentionally need them, and only configure your own 163.com authorization codes after TLS verification is fixed.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone installing or inspecting the skill can read the shipped mailbox authorization code, and the agent may use the bundled account by default instead of one the user configured.

Why it was flagged

The package includes a populated mailbox configuration with authorization-code fields instead of only the documented template.

Skill content
"email": "zong.yz@163.com", "imapPassword": "[redacted]", "smtpPassword": "[redacted]"
Recommendation

Remove config.json from the package, revoke the exposed 163 authorization code, and require each user to provide their own credentials through a secure config path or environment variables.
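One way to act on this recommendation, as an added example that is not the skill's own code: a loader that refuses a bundled config.json carrying credentials and builds the runtime config from environment variables only. The field names email, imapPassword and smtpPassword mirror the skill's config; the environment variable names, the "<placeholder>" template convention and the sample values are assumptions of this example.

```javascript
// Added example (not the skill's own code). A loader that refuses a bundled
// config.json carrying credentials and reads the user's own 163.com
// authorization codes from the environment. Field names (email, imapPassword,
// smtpPassword) mirror the skill's config; the environment variable names and
// the "<placeholder>" template convention are assumptions of this example.

const SECRET_FIELDS = ['imapPassword', 'smtpPassword'];

// Template placeholders like "<your-authorization-code>" are not credentials.
function isPlaceholder(value) {
  return /^<[^>]*>$/.test(value.trim());
}

// Names of credential fields that hold a real value in a config object.
// A clean template returns []; a shipped config with live codes does not.
function populatedSecrets(config) {
  return SECRET_FIELDS.filter((field) => {
    const value = config[field];
    return typeof value === 'string' && value.trim() !== '' && !isPlaceholder(value);
  });
}

// Pre-install check: run against the package's config.json before trusting it.
function checkPackageConfig(config) {
  const leaked = populatedSecrets(config);
  return leaked.length === 0
    ? { ok: true, message: 'config is a template' }
    : { ok: false, message: `config ships credentials in: ${leaked.join(', ')}` };
}

// Build the runtime mail config from environment variables only. The bundled
// config is inspected and rejected if it carries credentials, so an agent
// can never silently fall back to whatever account the package shipped with.
function loadMailConfig(bundledConfig, env) {
  const leaked = populatedSecrets(bundledConfig || {});
  if (leaked.length > 0) {
    throw new Error(
      `bundled config contains credentials (${leaked.join(', ')}); ` +
      'remove them and revoke the authorization code'
    );
  }
  const required = ['MAIL_163_ADDRESS', 'MAIL_163_IMAP_AUTH_CODE', 'MAIL_163_SMTP_AUTH_CODE'];
  const missing = required.filter((name) => !env[name]);
  if (missing.length > 0) {
    throw new Error(`missing environment variables: ${missing.join(', ')}`);
  }
  return {
    email: env.MAIL_163_ADDRESS,
    imapPassword: env.MAIL_163_IMAP_AUTH_CODE,
    smtpPassword: env.MAIL_163_SMTP_AUTH_CODE,
  };
}

// Constructed samples (not the package's real values): the shape of a config
// that ships live codes versus the template a package should contain.
const SHIPPED_CONFIG = {
  email: 'someone@163.com',
  imapPassword: 'ABCDEFGHIJKLMNOP',
  smtpPassword: 'ABCDEFGHIJKLMNOP',
};
const TEMPLATE_CONFIG = {
  email: '',
  imapPassword: '<your-imap-authorization-code>',
  smtpPassword: '<your-smtp-authorization-code>',
};
```

Running checkPackageConfig over the shipped file before installation gives a yes/no answer a reviewer can act on; loadMailConfig then makes the safe path the only path, since any credential found in the package aborts startup instead of being used.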

What this means

If this script is run, it can send an email from the configured account without the user explicitly choosing the recipient or message content.

Why it was flagged

This bundled standalone script sends a prewritten message (subject '好好看下这篇文章', roughly "take a good look at this article") to a hardcoded recipient using the configured mailbox, rather than requiring a user-provided recipient and body.

Skill content
skill.utils.sendEmail('zongxuliang@163.com', '好好看下这篇文章', email).then(result => {
Recommendation

Remove hardcoded mail-sending scripts or convert them into documented examples that require explicit user-supplied recipient, subject, body, and confirmation.

Concern (High Confidence)
ASI05: Unexpected Code Execution
What this means

Running this file can immediately create and send an attachment from the configured mailbox, even though attachment sending is not part of the documented command set.

Why it was flagged

The file calls its send function at top level, creating a document and sending it as an attachment to a fixed address whenever the script is executed.

Skill content
to: 'zongxuliang@163.com', ... attachments: [{ filename: 'OpenClaw_Introduction.docx', path: filePath }] ... createAndSendWordEmail();
Recommendation

Do not ship self-executing helper scripts that perform account actions; require an explicit command path, user parameters, and confirmation for sending attachments.
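What the recommendations for the two send scripts above amount to in code, as an added example that is not the skill's own: a send path that does nothing at module load and only sends when an explicit command supplies recipient, subject and body and the user confirms. The `transport` and `confirm` callbacks are injected with assumed shapes so the example runs offline; a real wiring would pass the SMTP sender and an interactive prompt.

```javascript
// Added example (not the skill's own code). Sending is only reachable through
// guardedSend: validate the user's request, show a summary, require confirmation,
// then hand off to an injected transport. Nothing runs at module load.
// `transport(req)` and `confirm(summary)` are assumed callback shapes.

const ADDRESS_RE = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Validate a user-supplied send request. Returns a list of problems; empty
// means the request is complete and explicit.
function validateSendRequest(req) {
  if (!req || typeof req !== 'object') return ['request must be an object'];
  const errors = [];
  if (typeof req.to !== 'string' || !ADDRESS_RE.test(req.to)) {
    errors.push('to: one explicit recipient address is required');
  }
  if (typeof req.subject !== 'string' || req.subject.trim() === '') {
    errors.push('subject: required');
  }
  if (typeof req.body !== 'string' || req.body.trim() === '') {
    errors.push('body: required');
  }
  if (req.attachments !== undefined) {
    if (!Array.isArray(req.attachments)) {
      errors.push('attachments: must be an array');
    } else {
      req.attachments.forEach((a, i) => {
        if (!a || typeof a.filename !== 'string' || typeof a.path !== 'string') {
          errors.push(`attachments[${i}]: filename and path are required`);
        }
      });
    }
  }
  return errors;
}

// Human-readable summary shown to the user before anything leaves the mailbox.
function describeSend(req) {
  const n = Array.isArray(req.attachments) ? req.attachments.length : 0;
  return `send to ${req.to}, subject "${req.subject}", ${n} attachment(s)`;
}

// The only way mail gets sent: validate, confirm, then hand off to transport.
// Returns a result object rather than throwing so a CLI can report the reason.
function guardedSend(req, { transport, confirm }) {
  const errors = validateSendRequest(req);
  if (errors.length > 0) return { sent: false, reason: errors };
  const summary = describeSend(req);
  if (confirm(summary) !== true) return { sent: false, reason: [`declined: ${summary}`] };
  return { sent: true, result: transport(req) };
}

// Constructed recording transport for demonstration; it sends nothing and
// keeps every request it was handed so a caller can inspect what would go out.
function makeRecordingTransport() {
  const log = [];
  return {
    log,
    transport: (req) => {
      log.push(req);
      return { accepted: [req.to] };
    },
  };
}

// Deliberately no top-level call here. The shipped helpers invoke their send
// function as soon as the file runs; this module only sends through guardedSend.
```

The contrast with the flagged scripts is the control flow: here a fixed recipient, a prewritten body or a generated attachment cannot reach the transport unless a caller passes them in and a person confirms the summary, and importing the module has no side effect.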

What this means

An attacker on the network path can present any certificate and impersonate the IMAP server; the client will still log in, handing over the mailbox authorization code and fetching mail through the attacker.

Why it was flagged

The IMAP client disables TLS certificate verification for a credential-bearing connection.

Skill content
tlsOptions: { rejectUnauthorized: false },
Recommendation

Remove rejectUnauthorized: false and rely on normal certificate validation unless the user explicitly configures a trusted certificate exception.
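The weak setting beside the corrected one, as an added example that is not the skill's own code. The option names user, password, host, port, tls and tlsOptions follow the node `imap` package, which passes tlsOptions through to Node's tls.connect; the host value, the builder's parameter names and the audit helper are assumptions of this example.

```javascript
// Added example (not the skill's own code). IMAP connection options built the
// way the audit recommends: certificate verification on, and a trust exception
// only when the user explicitly supplies a CA certificate. Option names follow
// the node `imap` package (tlsOptions goes to tls.connect); host is assumed.

// What the package effectively ships: verification switched off, so any
// certificate is accepted and the authorization code goes to whoever answers.
const WEAK_IMAP_OPTIONS = {
  host: 'imap.163.com',
  port: 993,
  tls: true,
  tlsOptions: { rejectUnauthorized: false },
};

// Hardened builder. `caPem` is optional; when present it is added as a trust
// anchor, which still verifies the chain rather than disabling verification.
function buildImapOptions({ email, authCode, host, port = 993 }, { caPem } = {}) {
  if (!host) throw new Error('host is required');
  const tlsOptions = {
    rejectUnauthorized: true,
    servername: host,        // SNI plus hostname check against the certificate
    minVersion: 'TLSv1.2',
  };
  if (typeof caPem === 'string' && caPem.includes('BEGIN CERTIFICATE')) {
    tlsOptions.ca = [caPem];
  }
  return { user: email, password: authCode, host, port, tls: true, tlsOptions };
}

// Static check a reviewer can run over any options object found in a skill.
function auditImapOptions(options) {
  const findings = [];
  const t = (options && options.tlsOptions) || {};
  if (!options || options.tls !== true) {
    findings.push('tls is not enabled: the connection is not TLS-wrapped');
  }
  if (t.rejectUnauthorized === false) {
    findings.push('tlsOptions.rejectUnauthorized is false: the server certificate is never verified');
  }
  if (typeof t.checkServerIdentity === 'function') {
    findings.push('tlsOptions.checkServerIdentity is overridden: review it for a no-op');
  }
  return findings;
}
```

The checkServerIdentity case is included because replacing that hook with a function that returns undefined is the other common way to silence certificate errors; a grep for rejectUnauthorized alone would miss it.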