Skill v1.0.1
ClawScan security
Nylas Email, Calendar & Contacts · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 21, 2026, 2:45 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and instructions are coherent with a Nylas integration: it only asks for a Nylas API key and tells the agent to install/use a Nylas OpenClaw plugin; nothing in the SKILL.md suggests unrelated or excessive access.
- Guidance: This skill appears to do what it says, but before installing: 1) Verify the npm package page, publisher, and version of @nylas/openclaw-nylas-plugin on npm (confirm the maintainer is Nylas or a trusted org). 2) Use the least-privilege Nylas API key or a grant scoped to the accounts you want the plugin to access; consider creating a dedicated key for the plugin and rotate it if needed. 3) Be aware that granting the NYLAS_API_KEY gives the plugin (and any installed code it pulls) access to your emails, calendars, and contacts — treat it like a sensitive credential. 4) Note the minor metadata inconsistency: the evaluator manifest said “no install spec,” while the SKILL.md includes an npm install entry; confirm how the OpenClaw runtime will fetch the plugin and inspect the package if you want higher assurance. If any of these checks fail or the npm package publisher looks unfamiliar, do not install.
Review Dimensions
- Purpose & Capability (ok): The name and description (email, calendar, contacts via Nylas) align with the declared requirement NYLAS_API_KEY and the documented tools. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope (ok): The runtime instructions are limited to installing the OpenClaw Nylas plugin, setting the API key, and running plugin commands (status, discover). There are no instructions to read arbitrary files, collect unrelated system state, or transmit data to endpoints outside Nylas.
- Install Mechanism (note): The SKILL.md metadata declares an npm install of @nylas/openclaw-nylas-plugin (a normal registry package), which is proportionate. However, the skill package manifest provided to the evaluator also stated 'No install spec — instruction-only skill', creating a minor internal inconsistency. Installing via npm is moderate-risk compared with no install, so verify the npm package and publisher before installing.
- Credentials (ok): Only one required secret (NYLAS_API_KEY) is declared and described as the primary credential; optional env vars (grant ID, API URI, timezone) are legitimate for a multi-account/timezone plugin. The requested envs match the skill's function.
- Persistence & Privilege (ok): always:false and user-invocable:true (defaults) are appropriate. The skill does not request elevated platform presence or to modify other skills' configs. Note that autonomous invocation is allowed by default on the platform (not flagged here).
