Custom Smtp Sender
Advisory
Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked incorrectly or autonomously, the agent could send messages or local files externally from the user's email account.
The tool can send outbound email to arbitrary recipients and attach arbitrary local file paths, but the artifacts do not show recipient/domain limits, attachment restrictions, or a mandatory confirmation step.
parser.add_argument('--to', required=True, help="Recipient email address") ... parser.add_argument('--attachments', nargs='*', help="List of file paths to attach") ... server.send_message(msg)
Require an explicit confirmation showing recipient, subject, body preview, and full attachment paths before sending; consider allowlisting recipients or restricting attachment directories.
The skill can send email as the configured account, which could affect reputation, privacy, or account security if misused.
The code reads a local SMTP configuration containing account credentials and authenticates as that account. This credential/config dependency is high-impact and is not reflected in the registry's declared credential/config requirements.
CONFIG_PATH = "/home/bb/.openclaw/smtp-config.json" ... server.login(config['username'], config['password'])
Declare the SMTP config path and credential requirement in metadata, use a dedicated SMTP/app password with least privilege, and avoid using a primary mailbox password.
Users may believe failed sends are retried and that sent-email/error audit logs exist when they do not.
The documentation promises retry and logging/audit behavior, but the included source sends once and contains no retry loop or logging implementation.
- **Retries**: Attempts to resend in case of temporary failures.
- **Logging**: Maintains a log of sent emails and errors for auditing.
Either implement retry and logging with clear storage location/retention, or remove those claims from the documentation.
Users may need to manually inspect how the code is wired before trusting it with SMTP credentials.
The skill includes executable Python code and SKILL.md examples for a custom-smtp-sender command, but no install spec or wrapper is provided to explain how that command is installed or invoked.
No install spec — this is an instruction-only skill.
Provide a clear install/run mechanism, pin any future dependencies, and ensure the documented command matches the included executable.
