Apple Mail Search
Security checks across malware telemetry and agentic risk
Overview
The skill is a coherent, read-only Apple Mail search helper, but it handles private email metadata and references a helper executable that is not included in the package.
Before installing, verify the `mail-search` executable because it is not bundled here. If you use the skill, assume search results and exports may contain private email metadata, keep searches scoped to Apple Mail, and avoid sharing generated CSV/JSON files unless you have reviewed them.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Search results or exported CSV/JSON may expose private email metadata in the agent conversation or local files.
The skill directly queries Apple Mail's local metadata database, which can reveal subjects, senders, recipients, dates, flags, and attachment names.
**Database:** `~/Library/Mail/V{9,10,11}/MailData/Envelope Index`; tables include `messages`, `subjects`, `addresses`, `recipients`, `attachments`.Use it only for intended mail searches, keep result limits tight, and review any JSON/CSV exports before sharing or storing them.
A user may need to obtain or already have a separate executable that this review did not cover.
The instructions depend on a `mail-search` executable, but the supplied artifact set is instruction-only and does not include that helper or an install spec for it.
# Copy mail-search to your PATH; cp mail-search /usr/local/bin/; chmod +x /usr/local/bin/mail-search
Install `mail-search` only from a trusted, reviewed source and remove it from `/usr/local/bin` if it is no longer needed.