ClawHub

STM Assistant

v1.0.0

Professional email outreach on behalf of your human. Branded signatures, Reply-To routing, CC tracking.

0· 223·3 current·3 all-time
by@mouserider
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name and description describe sending email on behalf of a human; the SKILL.md only asks for mcporter/AgentMail usage, signatures, Reply-To, CC tracking, and inbox monitoring — all directly related to professional email sending.
Instruction Scope
All runtime instructions stay within the email-sending domain: they call mcporter agentmail APIs, require a hosted logo, set Reply-To and CC, and prescribe inbox polling and message labeling. The instructions do not ask the agent to read unrelated files or secrets.
Install Mechanism
Instruction-only skill with no install spec and no bundled code — nothing is downloaded or written to disk by the skill itself. It only requires the external binary 'mcporter' to be present.
Credentials
The skill declares no required env vars, but the SKILL.md depends on mcporter being configured with AgentMail or SMTP credentials outside the skill. Those credentials are effectively required for operation but are not declared; users should confirm how mcporter stores/reads credentials and ensure they trust that configuration.
Persistence & Privilege
The skill is not force-included (always: false) and does not request persistent system privileges or modify other skill configs. Normal autonomous invocation is allowed but not elevated here.
Assessment
This skill appears to do what it says: send emails from an agent inbox using mcporter/AgentMail. Before installing: (1) ensure you trust the mcporter tool and the AgentMail/S MTP provider because they will handle all message content and credentials; (2) confirm where mcporter stores credentials and secure that storage (the skill itself does not declare or manage those credentials); (3) be aware that externally hosted signature images can leak recipient/open-tracking data; (4) enforce the approval rules for high-stakes emails (legal/financial) to avoid accidental disclosure; and (5) test sending to controlled addresses before using on real contacts.

Like a lobster shell, security has layers — review code before you run it.

latestvk973xktfe6yzvpc2kw88qygvd182fy6g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📧 Clawdis
Binsmcporter

Comments