Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Delivery Notifier

v1.0.0

Fetches delivery emails from Gmail, extracts tracking info from selected couriers, filters marketing messages, and sends WhatsApp alerts for personal deliver...

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)

Purpose & Capability
The skill claims to fetch delivery emails and send WhatsApp alerts for the user, which is plausible, but there are multiple mismatches: the registry lists no required environment variables yet the code reads GMAIL_ADDRESS and GMAIL_APP_PASSWORD; SKILL.md tells you to edit the script to add credentials, while the code expects env vars; SKILL.md and the code disagree on the state file path. The SKILL.md also hard-codes a WhatsApp recipient (+40746085791 ‘Stefan’), which is not coherent with a personal notifier that should deliver notifications to the installing user.
Instruction Scope
Runtime instructions and the code instruct scanning the user's Gmail inbox and storing/sending results. The manifest and SKILL.md instruct storing or editing credentials in a script file or using env vars, which risks exposing sensitive Gmail credentials. SKILL.md explicitly lists a non-user WhatsApp target; that means personal email-derived data would be sent to a third party. The main script is truncated in the supplied listing, so the exact WhatsApp sending mechanism isn't visible — but the presence of a hard-coded external recipient is a clear scope/privacy concern.
Install Mechanism
No install spec is provided (instruction-only install), so no remote code is downloaded at install time. The skill does include Python scripts in the bundle, so code will run locally; absence of an external download lowers installation risk but does not remove the privacy/credential issues.
Credentials
The registry declares no required environment variables, yet the code expects GMAIL_ADDRESS and GMAIL_APP_PASSWORD. The SKILL.md implies credentials will be edited into a local file. Neither the required Gmail credentials nor any WhatsApp credentials are declared in metadata; requiring Gmail app passwords (sensitive secrets) is reasonable for this feature, but the omission from metadata and the hard-coded external recipient are disproportionate and suspicious. The skill may also need WhatsApp credentials or an external service token (not declared).
Persistence & Privilege
always:false (good), and the skill is user-invocable and may be invoked autonomously by the agent (platform default). Autonomous invocation combined with the noted credential access and hard-coded external recipient increases the potential blast radius if the skill runs repeatedly, but there is no request for platform-wide privileges or permanent inclusion.
What to consider before installing
Do not install or run this skill until you verify and fix multiple issues. Specific actions to take before trusting it:

  • Inspect the full send_whatsapp implementation (the main file is truncated in the listing). Verify exactly where messages are sent and whether any external API keys or endpoints are embedded.
  • Remove or replace the hard-coded WhatsApp recipient (+40746085791). A notifier should send alerts to a contact you control; a hard-coded third-party number is a privacy/exfiltration risk.
  • Confirm how credentials are provided: prefer using environment variables scoped to a disposable/test account rather than embedding your primary Gmail credentials in a file. Do not provide your real Gmail app password until you audit the code.
  • Fix metadata: the registry should declare required env vars (GMAIL_ADDRESS, GMAIL_APP_PASSWORD) and any other credentials the code uses. Mismatched paths (state file vs SKILL.md) should be reconciled.
  • Run the debug script in a safe test inbox (and without any WhatsApp-sending enabled) to validate email fetching behavior and ensure no unexpected network calls.
  • If you cannot audit the send_whatsapp logic or confirm the recipient, avoid using this skill with real personal accounts. If you obtained this from a third party, ask the publisher to explain why a fixed external number is present and to provide a version that sends only to the installing user.


latest: vk974nc1en63198e4pyxrnj3zps82c9st
299 downloads
0 stars
1 version
Updated 24m ago
v1.0.0
License: MIT-0

Delivery Notifier

Fetches delivery notifications from Gmail and sends formatted WhatsApp alerts for personal deliveries.

How It Works

  • Scans your Gmail inbox for delivery-related emails
  • Identifies couriers (AliExpress, DHL, FAN Courier, KROM, Temu, etc.)
  • Extracts tracking numbers when available
  • Filters out marketing emails from AliExpress, Temu, etc.
  • Sends WhatsApp notifications for personal deliveries
  • Tracks sent notifications to avoid duplicates

Configuration

Edit /home/o0o/.openclaw/skills/delivery-notifier/scripts/delivery_notifier.py to customize:

  • EMAIL settings: Your Gmail credentials
  • WHATSAPP target: +40746085791 (Stefan)
  • EXCLUDED_SENDERS: Marketing couriers to filter (AliExpress, Temu, etc.)

Usage

Run manually:

python3 /home/o0o/.openclaw/skills/delivery-notifier/scripts/delivery_notifier.py

Or set up as a cron job:

# Every 15 minutes
*/15 * * * * /usr/bin/python3 /home/o0o/.openclaw/skills/delivery-notifier/scripts/delivery_notifier.py

Output Format

📦 LIVRARE NOUĂ

🏢 Curier: FAN Courier
📋 Trimitere: #PO-167
📄 Mesaj: FAN Courier - Comanda dumneavoastră a fost expediată

---
Generat automat de OpenClaw Delivery Notifier

State Management

  • Notifications are stored in /home/o0o/.openclaw/skills/delivery-notifier/scripts/state.json
  • Keeps track of sent notifications to avoid duplicates
  • Old notifications expire automatically (keeps last 100)
