MailWise
Security checks across static analysis, malware telemetry, and agentic risk
Overview
MailWise behaves coherently as an email knowledge-base search tool, but it can index broad private email archives and send email excerpts to Anthropic without clear per-use approval or retention boundaries.
Use MailWise only with email archives you are allowed to index. Before running `mailwise index`, confirm the selected folders and where the index is stored. Before running `mailwise analyze`, assume relevant email excerpts may be sent to Anthropic and get approval or redact sensitive content first.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sensitive emails could be retained in a local index and later surfaced by the agent outside the original task context.
The skill is designed to build a persistent searchable knowledge base from potentially broad private email archives, but the artifacts do not clearly specify path limits, exclusions, retention, or deletion controls.
index thousands of EML files locally ... Semantic search ... across your entire email archive
Only index approved mail folders, exclude sensitive mailboxes, verify where the index is stored, and add or request clear retention and deletion guidance.
Private or regulated email content may leave the local machine and be processed by an external provider.
The external transfer is disclosed and purpose-aligned, but it involves email excerpts and the workflow does not require an explicit user approval, redaction, or review step before sending.
External LLM command (`analyze`): Sends email excerpts to the Anthropic API via Claude Code CLI. Do not use on sensitive emails unless your org's data policy permits it.
Require explicit user approval before `mailwise analyze`, review/redact excerpts first, and use it only where organizational policy allows Anthropic processing.
Analysis requests may be made under the user's Anthropic account and could incur account usage or expose data according to that account's settings.
The skill may use a Claude login session or Anthropic API key for analysis; this is expected for the stated LLM feature, but users should understand which account and credential are used.
The `analyze` command requires Claude Code CLI — run `claude` once to authenticate, or set `ANTHROPIC_API_KEY`
Use an approved account or scoped API key, avoid sharing credentials, and ensure the credential requirement is visible to users.
Installing the skill depends on the integrity of the external package and its dependencies.
The reviewed artifacts are instruction-only while the runtime behavior comes from an external PyPI package, which is normal for a CLI skill but leaves package code outside this scan.
uv | package: mailwise | creates binaries: mailwise
Install from trusted package sources, verify the package matches the advertised homepage, and pin or review versions where possible.
