Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Email 163 Com
v1.0.5
Comprehensive Python tool for managing 163.com emails with sending, reading, searching, folder, and attachment handling via IMAP ID and SMTP.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The code (main.py), SKILL.md, README and tests all describe and implement an IMAP/SMTP client for 163.com (send/read/search/folder/attachments). The requested operations and files are coherent with an email-management tool.
Instruction Scope
Runtime instructions in SKILL.md are narrowly scoped to configuring the local config.json or optional environment variables, running CLI commands, and troubleshooting IMAP/SMTP issues. The instructions do not request unrelated files, system-wide credentials, or remote servers beyond imap.163.com and smtp.163.com.
Install Mechanism
There is no platform-level install spec, but the package contains an INSTALL.sh which copies files into ~/.openclaw/workspace/skills/, creates a symlink in ~/.local/bin and marks scripts executable. The install script does no network downloads and uses only local file operations. Having an install script in a skill that was declared 'instruction-only' is an inconsistency to note, but the script itself is not an obvious supply-chain risk.
Credentials
Top-level registry metadata provided to you lists no required env vars / primary credential, yet package.json, SKILL.md, main.py and SECURITY.md clearly expect the user's email and an authorization code (EMAIL_163_USER / EMAIL_163_PASS or config.json with email/password). The skill stores credentials in plaintext config (~/.config/email-163-com/config.json) by design (SECURITY.md notes this and recommends chmod 600). The mismatch between registry-declared requirements and actual credential needs is an incoherence and increases risk if users assume no credentials are needed.
Persistence & Privilege
Skill does not request elevated or permanent global privileges (always:false). Its install actions are limited to user home paths (~/.openclaw and ~/.config and ~/.local/bin). It does not declare modification of other skills or system configuration beyond adding a symlink and saving a config file.
What to consider before installing
This package appears to be a real 163.com email client, but there are inconsistencies you should resolve before installing:
1) The registry metadata you were shown says no credentials are required, yet package.json, SKILL.md and main.py require your 163 email address and a client authorization code (not your login password). Treat this as sensitive data.
2) The skill will create files under your home directory (~/.config/email-163-com/config.json) and a symlink in ~/.local/bin; the config file stores the auth code in plaintext (the project recommends chmod 600).
3) Verify the skill source (homepage/source repo) — top-level metadata you were given said 'unknown', but _meta.json/package.json claim a GitHub/ClawHub source; confirm the authoritative repository and maintainer.
4) If you decide to proceed: review main.py (or run in an isolated VM/container), prefer using the 163 client authorization code (not your account password), ensure the config file has strict permissions, consider disk encryption, and upload the package to VirusTotal or inspect with your security tooling.
If you cannot verify origin or are uncomfortable storing the auth code, do not install.
Like a lobster shell, security has layers — review code before you run it.
latest vk9710zx13cqy04sxq7njzd0n9184m420
