Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Mail Summary
Version v1.1.6
Fetch Gmail emails from the last 24h, rank by importance, summarize into bullet points, and auto-create Google Calendar events for detected meetings.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The code files implement exactly what the description promises: reading Gmail (readonly), summarizing, detecting meetings, and creating Calendar events. The requested Google OAuth credentials and token storage are consistent with that purpose.
Instruction Scope
Agent instructions require the agent to write the user's client_secret JSON to disk and run multiple scripts itself (setup_auth.py, fetch_emails.py, etc.). This is expected for OAuth, but the SKILL.md / agent instructions say to write the client_secret file to the project root while the code (find_credentials_file) looks in ~/.openclaw/config/mail-summary — a direct inconsistency that will break the flow unless the agent moves files. The setup process also tells the agent to print auth URLs and accept the redirect URL from the user (normal OAuth), but instructing the agent to write sensitive client secrets to disk should be done deliberately and with the correct target path.
Install Mechanism
No install spec (instruction-only), so nothing is downloaded automatically. Code will be executed by the agent from the skill folder. Note: requirements.txt does not include 'psutil', but several scripts import or require psutil (refresh_service.py), so the provided dependency list is incomplete and will cause runtime errors unless corrected.
Credentials
No environment variables or unrelated credentials are requested; instead the skill uses OAuth client secrets and token.json which is appropriate for Gmail/Calendar access. The code stores tokens under ~/.openclaw/config/mail-summary which is reasonable but does give the skill persistent access to a filesystem location under the user's home — verify permissions and trust for stored tokens.
Persistence & Privilege
The skill attempts to start a long-running refresh_service that refreshes OAuth tokens every 30 minutes. setup_auth.py tries to auto-run refresh_service.py after auth using subprocess.run (blocking call) — this is likely to hang the auth script because refresh_service loops forever. The skill will create persistent artifacts (token.json, lock file) and may spawn a background process; this elevated persistence should be expected and authorized explicitly by the user.
What to consider before installing
This skill appears to implement the advertised Gmail summary + calendar creation, but it has several implementation problems and some persistence behavior you should be aware of:
- Credential placement mismatch: The SKILL.md / agent instructions tell the agent to save the user-provided client_secret_*.json in the project root, but the code's find_credentials_file() looks in ~/.openclaw/config/mail-summary. Confirm where the agent will place the file (preferably ~/.openclaw/config/mail-summary) or update the code/instructions before running.
- Sensitive files written to disk: The agent is instructed to write the user-provided client_secret file and the resulting token.json to disk. Only proceed if you trust the skill/source and you understand these files grant access to your Gmail and Calendar (scopes: gmail.readonly and calendar.events).
- Missing dependency: refresh_service.py uses psutil but requirements.txt does not list it. Install psutil (pip install psutil) or add it to requirements.txt to avoid runtime failure.
- Blocking auto-run of refresh service: setup_auth.py attempts to run refresh_service.py with subprocess.run, which will block because refresh_service loops forever. This will likely hang the auth process. Instead, run refresh_service.py in the background yourself (e.g., nohup/pythonw, systemd, or use subprocess.Popen), or modify setup_auth.py to spawn it as a daemon.
- Persistence and cleanup: The skill creates ~/.openclaw/config/mail-summary/token.json and a refresh_service.lock file in the scripts folder. If you later uninstall, remove these files and stop the background process to revoke persistent access.
- Source trust: The skill's Homepage is missing and the repository is unknown; because the skill will receive OAuth credentials and store tokens locally, only install if you trust the code. Review the scripts locally or run them in an isolated environment before granting access.
If you want help: I can produce a patched setup_auth.py that launches refresh_service.py in the background safely, update instructions to use the CREDENTIALS_DIR path, and add psutil to requirements.txt so installation works as intended.
