Skill v0.1.1
ClawScan security
Greek Email Processor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 21, 2026, 7:56 AM
- Verdict: benign
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's requested tools and credentials match its stated purpose (IMAP-based email processing for Greek accounting) and it is instruction-only with no install or code to review, but exercise standard caution with the required email credentials and optional integrations.
- Guidance: This skill appears coherent for IMAP-based Greek accounting email processing, but take these precautions before installing:
  1) Use app-specific, least-privilege IMAP credentials (read-only) and prefer OAuth (Gmail/Outlook) where supported.
  2) Be cautious about providing optional credentials (SMTP, Slack webhook, Calendar) — only supply them if you need those features.
  3) The SKILL.md suggests running `sudo apt install jq curl` if missing — avoid running package installs blindly on production systems; install dependencies through your normal provisioning process.
  4) Verify the upstream repository (the homepage URL) and review any actual implementation code if you plan to run this in a sensitive environment — this skill is instruction-only in the registry, so runtime behavior depends on the agent executing those instructions.
  5) Rotate credentials regularly and monitor the OPENCLAW_DATA_DIR for unexpected files or forwarding rules if enabling automated forwarding or auto-responses.
Review Dimensions
- Purpose & Capability (ok): Name/description match the requirements: IMAP host/user/password and a data directory are expected for an email-processing skill. Required binaries (curl, jq) are reasonable for IMAP access and simple parsing. Optional OAuth/SMTP/Slack/Calendar config entries align with the advertised features.
- Instruction Scope (ok): SKILL.md instructs the agent to connect to IMAP, download attachments, classify Greek financial documents, and place them under OPENCLAW_DATA_DIR. It recommends read-only/app-specific credentials and human approval before sending auto-responses. There are no instructions to read unrelated system files or to transmit data to unexpected remote endpoints (only optional integrations are declared).
- Install Mechanism (ok): No install spec or downloads are present (instruction-only), so no code is written to disk by the skill itself. The only runtime suggestion is to install jq/curl via apt if missing, which is normal but will require host privileges if executed.
- Credentials (note): The required environment variables are proportional: OPENCLAW_DATA_DIR and IMAP_HOST/IMAP_USER/IMAP_PASSWORD are necessary for IMAP-based processing. IMAP_PASSWORD is sensitive — the SKILL.md advises app-specific and read-only credentials. Several optional credentials/webhooks (SMTP, Google/Microsoft OAuth, Slack) are listed; these are plausible for optional features but increase attack surface if provided.
- Persistence & Privilege (ok): The skill does not request always:true and does not modify other skills or platform config. It is user-invocable and can run autonomously (platform default). No instructions indicate it persists beyond creating/using the stated OPENCLAW_DATA_DIR directories.
