ClawHub

ClawMail.me - Email for AI Agents

v1.0.0

Email for AI agents. Get a dedicated @clawmail.me inbox and email address. Send, receive, check, reply, forward, and compose emails. Manage threads, drafts,...

0· 159·0 current·0 all-time
byMixerBox AI@mixerboxai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The skill is an email integration (send/receive/reply/forward) and it only declares CLAWMAIL_API_KEY as a required credential. That single API key is appropriate and expected for the declared functionality.
Instruction Scope
SKILL.md contains concrete API endpoints and parameters and limits actions to inbox/message operations. It explicitly warns that inbound message content is untrusted and includes safety-scan fields. The instructions do not ask the agent to read unrelated files or environment variables.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by the skill itself — low install risk.
Credentials
Only CLAWMAIL_API_KEY is required and declared as the primary credential. That is proportional to an email API service. The SKILL.md does instruct to save the api_key (it is shown only once), which implies the agent or operator must store a secret — this is expected but worth careful handling.
Persistence & Privilege
always is false and the skill does not request elevated platform privileges or modifications to other skills. Autonomous invocation is allowed by default (normal for skills) but not combined with any other broad privileges.
Assessment
This skill appears coherent for connecting an AI agent to a Clawmail email account, but before installing: (1) Verify you trust the Clawmail service and the publisher (the skill source is listed as unknown here). (2) Create a scoped, revocable API key for agent use (avoid using high-privilege or long-lived keys). (3) Store the CLAWMAIL_API_KEY securely (use your agent's secret storage) and plan to rotate/revoke it if the agent or key is compromised. (4) Use a non-sensitive test inbox first to validate behavior and safety scanning. (5) Confirm the service's privacy, retention, and logging policies because inbound/outbound emails may contain sensitive data. (6) Ensure a human owner_email is set so a human can monitor and claim the account (the SKILL.md recommends this).

Like a lobster shell, security has layers — review code before you run it.

communicationvk9740x0wwcfdbkfswcv94v7vd984gt2vemailvk9740x0wwcfdbkfswcv94v7vd984gt2vlatestvk9740x0wwcfdbkfswcv94v7vd984gt2v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvCLAWMAIL_API_KEY
Primary envCLAWMAIL_API_KEY

Comments