Skill v1.0.0
ClawScan security
QQ Mail · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 14, 2026, 2:17 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and required credential match its stated purpose (an IMAP/SMTP QQ Mail client) and do not request or install unrelated capabilities.
- Guidance: This skill appears internally consistent for managing QQ Mail via IMAP/SMTP. Before installing: 1) Verify you trust the skill source/owner, since Homepage/source is missing; review the included scripts yourself. 2) Only set QQMAIL_AUTH_CODE (the IMAP/SMTP authorization code), not your QQ account password; follow QQ's instructions for generating the authorization code (授权码). 3) Be cautious when using the send-with-attachment command: it reads local file paths you provide. 4) Prefer running the script in a controlled environment (isolated account or container) and avoid placing the auth code in shared/global environment variables. 5) If you plan to allow autonomous agent invocation, remember that the agent could use your auth code to read/send mail when triggered; enable autonomy only if you trust the skill and its maintainer.
Review Dimensions
- Purpose & Capability: ok. Name/description (QQ Mail IMAP/SMTP client) align with the included Python script and the declared requirement of QQMAIL_AUTH_CODE and python3. The script only implements email read/send/search/folder operations against imap.qq.com and smtp.qq.com, all expected for this purpose.
- Instruction Scope: ok. SKILL.md instructions are specific and limited: run the provided Python script with environment variables QQMAIL_USER and QQMAIL_AUTH_CODE, enable IMAP/SMTP in QQ settings, and use the documented commands. The instructions do not ask the agent to read unrelated files or credentials, nor do they transmit data to external endpoints beyond QQ's IMAP/SMTP servers. The script does access local file paths only when the user provides an attachment path (expected).
- Install Mechanism: ok. There is no install spec and the code uses only Python standard library modules. No external downloads, package installs, or arbitrary URLs are used. Requiring python3 is proportionate.
- Credentials: ok. Only QQMAIL_USER and QQMAIL_AUTH_CODE are read by the script, matching the declared primary credential. No unrelated secrets, config paths, or additional environment variables are requested.
- Persistence & Privilege: ok. The skill is not set to always:true and does not attempt to modify other skills or system-wide settings. It runs on-demand and requires explicit environment configuration; autonomous invocation is allowed by platform default but is not combined with other red flags here.
