ClawHub

tencent-exmail

v1.0.0

腾讯企业邮箱(exmail.qq.com)收发邮件技能。当用户想要发送邮件、查看收件箱、搜索邮件、下载附件、实时监听新邮件、或对腾讯企业邮箱进行任何邮件操作时触发。支持 IMAP/SMTP 协议,SSL 加密,附件上传/下载,邮件搜索,IMAP IDLE 实时推送通知。关键词:企业邮箱、exmail、腾讯邮件、发...

1· 159·0 current·0 all-time
by@nopassword2000
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description describe IMAP/SMTP mailbox operations and the package requests only python3 plus an IMAP client library and the mailbox credentials (EXMAIL_ADDRESS, EXMAIL_PASSWORD), which are exactly what is needed to implement the advertised features.
Instruction Scope
SKILL.md and the scripts only instruct the agent to connect to the declared IMAP/SMTP hosts (imap.exmail.qq.com / smtp.exmail.qq.com), read/write mailbox data, download/upload attachments from local paths, and optionally write a JSON hook file. There are no instructions to read unrelated system files, contact unknown remote endpoints, or exfiltrate data beyond the mail servers and user-specified local hook path.
Install Mechanism
No remote install/download step is present; code is bundled with the skill. The only dependency is imapclient (pip), and SKILL.md documents installing it with pip3. No external arbitrary URLs or archive extraction operations are used.
Credentials
The skill requires only EXMAIL_ADDRESS and EXMAIL_PASSWORD, which are directly needed to authenticate to IMAP/SMTP. No unrelated credentials or broad environment/config path access is requested.
Persistence & Privilege
Skill is not always-enabled and does not request elevated privileges or modify other skills; it writes only to user-specified local files (e.g., hook JSON, downloaded attachments) which is appropriate for its functionality.
Assessment
This skill appears to do exactly what it claims: send, read, search, download attachments, and optionally listen for new messages via IMAP IDLE. Before installing, consider: (1) it requires your mailbox address and password (use an app/client-specific password if your account is bound to WeChat), (2) the watcher can write a JSON hook file to a path you provide—avoid using sensitive system paths, (3) attachment download/save operations will write files to locations you specify—ensure those paths are safe on shared machines, and (4) the skill bundles Python scripts locally and asks you to pip install imapclient for IMAP IDLE; review the included scripts if you want to verify behavior. If you are okay giving the skill your mailbox credentials and allowing it to read/write files you specify, proceeding is reasonable.

Like a lobster shell, security has layers — review code before you run it.

latestvk973f6ahmrb1zhn2vyp0mxhnq5833hgp

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📧 Clawdis
Binspython3
EnvEXMAIL_ADDRESS, EXMAIL_PASSWORD

Comments