Gmail Inbox Zero Triage
Warn
Audited by ClawScan on May 10, 2026.
Overview
The Gmail triage purpose is coherent, but this skill needs review because it requires broad Gmail read/modify access, suggests persistent credential/environment changes, stores email state locally, and references missing helper scripts.
Only install after confirming you are comfortable granting Gmail read/modify access. Review the actual helper scripts before use, avoid putting GOG_KEYRING_PASSWORD in a shell profile, use a private Telegram chat, and carefully review queued archive/filter actions before executing them.
Findings (7)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill can let the agent read inbox contents and make changes to Gmail under the user's account.
This shows the skill needs delegated Gmail OAuth access that can read and modify mail. That is central to the purpose, but it is high-impact and is not reflected in the registry requirements or credential declarations.
**Requires:** `gog` CLI with authenticated Gmail account... **Read/modify permissions** - gog only gets access to what user grants
Declare the gog binary, Gmail OAuth credential, required env vars, and exact Gmail scopes in metadata; show the selected account and requested scopes before use.
A mistaken click or inaccurate summary could archive messages, mark them read, or hide future messages from a sender.
Batch execution is expected for inbox triage, but the documented actions can change many messages and create filters affecting future email without a described final review or undo flow.
User clicks "Done" button to execute all queued actions in batch... **🔍 Filter** - Create filter to auto-archive future emails from sender
Add a final confirmation listing every queued action, require explicit approval for filter creation, and document how to undo archives and remove created filters.
The keyring password may be exposed to local processes or shell/profile readers, and HOME changes can redirect where tools look for profiles, credentials, and files.
Persisting a keyring password in a shell profile increases credential exposure, and globally changing HOME to /root is not clearly necessary for Gmail triage.
For persistent setup, add to your shell profile (`~/.bashrc` or `~/.zshrc`):
export HOME=/root
export GOG_KEYRING_PASSWORD="your-password"
Avoid storing the keyring password in shell profiles; use a secret manager or scoped service environment, and do not change HOME globally unless the deployment environment specifically requires it and the impact is explained.
The package as reviewed cannot verify the code that would perform Gmail changes, and relative script paths could fail or resolve to unexpected local files in some environments.
The provided manifest contains only markdown files and no scripts, yet the documented workflow depends on these helpers for Gmail operations and batch execution.
scripts/
│ ├── gog_processor.py # Gmail operations via gog
│ ├── queue_manager.py # Action queue management
│ └── execute_queue.py # Batch execution
Package the referenced scripts with the skill, pin/provide provenance for dependencies, and resubmit the executable files for review before users rely on the workflow.
Email subjects, senders, message identifiers, summaries, or action choices may remain in local files longer than expected.
The skill stores retrieved email batch state and queued actions locally, but only the action queue is described as temporary and cleared after execution; current_batch retention and protection are not specified.
Fetch inbox messages and save to `current_batch.json`... Queue is managed via `scripts/queue_manager.py` and stored in `action_queue.json`.
Document exactly what is stored, store only minimal identifiers, restrict file permissions, and clear both current_batch.json and action_queue.json after each session.
Anyone with access to the relevant Telegram chat or bot interactions could potentially see email information or trigger actions, depending on the surrounding bot configuration.
Telegram interaction is an advertised feature, but it means email summaries, full email views, and mutation controls are exposed through the configured Telegram channel.
**Telegram buttons** - Archive, Filter, Unsubscribe, View... **📧 View** - Show full email content
Use only private Telegram chats for this skill and require callback handling to verify the initiating user/session before executing Gmail actions.
A user may archive, filter, or ignore important financial, legal, security, or personal messages based on an incomplete summary.
This wording encourages reliance on short AI summaries for deciding email actions, even though summaries can omit important context.
**Trust AI summaries** - They're accurate enough for quick decisions
Tell users to open and review important or sensitive messages before applying actions, and avoid claiming summaries are always accurate enough.
