Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
fruitmail — Apple Mail Search
v1.1.0 · Fast Apple Mail search via SQLite on macOS. Search emails by subject, sender, date, body, threads, attachments — results in ~50ms vs 8+ minutes with AppleScr...
by Rahul Sethuram (@rhlsthrm)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw · Verdict: Suspicious (medium confidence)
Purpose & Capability
Name/description match the actual behavior: the instructions and bundled shell script directly query Mail.app's Envelope Index via sqlite3 and read .emlx files. Required binaries (sqlite3, python3) and macOS-only restriction are appropriate and proportional.
Instruction Scope
The SKILL.md and script legitimately read ~/Library/Mail and .emlx files and ask for Full Disk Access — that's expected. However the script builds SQL queries and command lines by interpolating user-supplied values (e.g., SEARCH and MSG_ID) directly into SQL and shell commands without robust validation or parameterization. Examples: WHERE ... LIKE '%${SEARCH//\'/'\'}%' and WHERE ROWID = $MSG_ID; the body path is embedded into a python -c string as '$EMLX'. These patterns leave room for SQL injection or shell/argument injection, and if the user uses --no-copy the live DB could be affected. The script attempts a simplistic quote replacement for SEARCH but does not enforce numeric checks for MSG_ID or otherwise sanitize inputs fully.
Install Mechanism
Instruction-only skill with no automated installer; install instructions simply copy a script into ~/bin. No network downloads or arbitrary code fetches are performed by the skill itself, so install risk is low — but the user is explicitly asked to place the script on PATH, so they should review it before doing so.
Credentials
No credentials, environment secrets, or unrelated config paths are requested. The only privileged access required is Full Disk Access to read ~/Library/Mail, which is necessary to accomplish the stated purpose.
Persistence & Privilege
The skill is not force-enabled (always: false) and does not request persistent system-wide configuration changes. It is user-invocable only; autonomous invocation is allowed by default but not combined with additional privileges here.
What to consider before installing
This skill is coherent with its purpose (fast local search of Apple Mail), but the shipped shell script performs unescaped string interpolation into SQL and shell contexts. Before installing or automating it:
1) Review the script line-by-line (especially the SQL construction and the body/open commands).
2) Prefer the default behavior (copying the DB) and avoid --no-copy unless you trust inputs — querying the live DB plus injection could modify mail data.
3) If you will expose this to other actors or automate it, harden the script: validate that MSG_ID is an integer, avoid injecting user strings directly into SQL (use parameterized queries or ensure proper escaping), and safely quote filenames passed to python.
4) Only grant Full Disk Access to Terminal/shell if you trust the script.
5) If unsure, run the script against a copied/mounted test mailbox first or consider using a vetted third-party tool.
If you want, I can point out the exact lines to change to reduce injection risk or provide a hardened version of the script.
latest · vk976k712gk1rs2w9w9mr5nc9r583asrd
Runtime requirements
📬 Clawdis
OS: macOS
Bins: sqlite3, python3
