ClawHub

AgentCloak - Email Proxy that filters PII, 2FA, and password resets

v1.0.0

Secure email proxy for AI agents. Search, read, and draft emails via MCP with server-side credential isolation, PII redaction, prompt injection detection, an...

0· 574·2 current·2 all-time
by@ryanfren
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description, required binary (mcporter), and the single required env var (AGENTCLOAK_API_KEY) are consistent with an MCP-based email proxy. The advertised capabilities (search, read, draft, filtering pipeline) map to the provided mcporter call examples. Minor inconsistency: the SKILL.md shows an optional AGENTCLOAK_URL env var in self-hosting instructions but AGENTCLOAK_URL is not listed in requires.env.
Instruction Scope
SKILL.md only instructs the agent/operator to configure mcporter and call AgentCloak endpoints; it does not tell the agent to read unrelated files, access other credentials, or exfiltrate data. Self-hosting instructions include git/pnpm commands for humans to run, but there is no runtime instruction for the agent to execute those. The trust statement at the end is truncated, so some privacy claims cannot be validated from this text alone.
Install Mechanism
There is no install spec and no code files in the skill bundle (instruction-only), so nothing will be downloaded or written by the skill itself. Self-host instructions point to a GitHub repo and standard Node/pnpm tooling, but that only applies if you choose to self-host.
Credentials
The only required credential is AGENTCLOAK_API_KEY (declared as primary), which is appropriate for a proxy service. The documentation references AGENTCLOAK_URL for self-host setups but does not declare it as required; that's a small documentation gap. The larger privacy/security consideration is operational: using the hosted service means you must trust that server with your email credentials and content.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request system-level persistence or permissions beyond a single API key and use of mcporter, and it does not modify other skills' configs.
Assessment
This skill appears internally consistent for an email-proxy: it only needs an API key and the mcporter client to talk to AgentCloak. The main risk is trust: the hosted service must store your email credentials and will see (and filter) your messages. If you care about sensitive accounts, self-host instead and audit the GitHub repo before running it. Verify the mcporter binary you install is the legitimate tool referenced by your platform. Don’t assume the short privacy claims (e.g., 'API keys are hashed') are true without checking the repo or running a security review of the server code. If you proceed with the hosted option, consider testing with a low-risk account first and review the full source and privacy policy on the linked GitHub page.

Like a lobster shell, security has layers — review code before you run it.

latestvk97erkkeybsdhbdcs05q2tnn9x81ffpd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🛡️ Clawdis
Binsmcporter
EnvAGENTCLOAK_API_KEY
Primary envAGENTCLOAK_API_KEY

Comments