Agentmail Wrapper
v1.0.0
Send, track, schedule emails with multi-provider support, verified delivery, unsubscribe management, and compliance reporting via SMTP, API, and OAuth.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The SKILL.md/README describe an email integration that needs provider credentials (SendGrid, Mailgun, AWS SES, SMTP, Gmail OAuth) and performs sending/tracking. However the skill metadata declares no required environment variables, no required config paths, and no bundled code. That mismatch (a library-like skill but no code and no declared credential requirements) is incoherent: a real email integration normally needs API keys or OAuth credentials declared or requested.
Instruction Scope
The instructions show typical usage examples (constructing an AgentMail with provider and apiKey, webhookUrl, refresh tokens) but do not tell the agent how credentials will be provided or stored. The README suggests running npm/pip to install 'agentmail-wrapper' from public registries and configuring webhooks to external endpoints. The instructions do not ask the agent to read unrelated local files, but they are vague about credential handling and webhook destinations.
Install Mechanism
There is no install specification in the skill bundle (it is instruction-only). The README and SKILL.md recommend 'npm install agentmail-wrapper' or 'pip install agentmail-wrapper', which would pull code from external registries at runtime. The bundle itself contains only docs and package.json but no index.js or implementation files, so the skill appears to rely on an external package — that raises supply-chain risk if you or an agent actually run the install command without verifying the upstream package and repository.
Credentials
The skill logically requires multiple sensitive secrets (API keys, SMTP credentials, OAuth refresh tokens) but the registry metadata lists none. That under-declaration is a concern because an agent or a user might be prompted later to supply credentials ad hoc, and there is no declared primary credential or guidance on least-privilege. Names like 'apiKey' and 'refreshToken' appear in examples but are not captured in requires.env.
Persistence & Privilege
The skill is not 'always' enabled and allows normal agent invocation behavior. It does not request persistent system privileges in the metadata and does not claim to modify other skills or global agent settings.
What to consider before installing
This package is documentation-only in the bundle — there is no source code included and no declared credential requirements, yet the README instructs you to install the package from npm/pip and to supply API keys/OAuth tokens. Before installing or using it:
1) verify the upstream repository (https://github.com/midas-skills/agentmail-wrapper) and inspect the published package contents and recent releases;
2) confirm the package's maintainer identity and package integrity (checksums/signatures) to reduce supply-chain risk;
3) never paste production API keys or long-lived credentials without understanding where they will be stored or sent — prefer scoped keys or per-environment secrets;
4) be cautious about running 'npm install' or 'pip install' from unverified authors on sensitive systems; and
5) if you intend to use this as an agent skill, require the skill metadata to explicitly declare required credentials and verify how webhooks and tracking URLs are configured to avoid unintended data exfiltration.
If you want, I can check the upstream GitHub repo (if accessible) or fetch the published npm/pypi package metadata for more evidence.
Like a lobster shell, security has layers — review code before you run it.
latest vk973747y4mz4k71fj1gfqjgzzs80wm29
