ClawHub

sixel-email

v1.0.6

1:1 email channel for agents — the agent can only email one address, and only that address can email the agent. Also handles the heartbeat (poll to prove you...

2· 421·0 current·0 all-time
bySixel@sixel-et
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The skill is an instruction-only adapter for the sixel.email API and only asks for a single API token (SIXEL_API_TOKEN). That matches the described purpose of a 1:1 agent<->operator email channel.
Instruction Scope
SKILL.md instructs the agent to call the sixel.email REST endpoints (send, inbox, attachments) and to optionally run a background poller that writes /tmp/sixel-inbox-latest.json and saves downloaded attachments into a dedicated downloads directory. These are reasonable for an inbox channel, but the doc assumes the presence of jq and that the operator will wire the poller to the agent’s input mechanism ('notify your agent however it accepts input'), which is vague and should be clarified before deployment.
Install Mechanism
No install spec or code is provided (instruction-only), so nothing will be written to disk by an installer. This is the lowest-risk install model.
Credentials
Only SIXEL_API_TOKEN is declared as required (primaryEnv). The documentation also refers to SIXEL_API_URL (with a sensible default) but does not list it as required; that minor mismatch should be noted. No unrelated secrets or credentials are requested.
Persistence & Privilege
The skill is not always-enabled and does not request system-wide changes or other skills' config. Autonomous invocation is allowed (platform default) but the skill does not request elevated persistence privileges.
Assessment
This skill appears to do only what it says: use the sixel.email API to send and receive messages for a single operator. Before installing, verify the following: 1) Confirm the SIXEL_API_TOKEN you receive is scoped to only the intended agent/inbox and understand its lifetime/permissions; never reuse broad or long-lived credentials. 2) Validate the SIXEL_API_URL (the SKILL.md references https://sixel.email/v1) and confirm the service's reputation and HTTPS/TLS configuration. 3) The docs assume jq is available for the background poller — either install jq or adapt the poller; ensure the poller runs in a restricted environment so it cannot be used to exfiltrate unrelated data. 4) The poller writes to /tmp and downloads attachments — follow the doc's advice: use a dedicated download directory, sanitize filenames, and avoid writing to user-supplied paths. 5) Clarify how the poller should “notify your agent” so the agent does not gain access to unintended files or system state. 6) Because the registry entry has no homepage listed but SKILL.md references https://sixel.email, consider verifying the service URL and the skill author (owner ID) out-of-band if you need a higher trust level. If any of these points are concerning or the token appears to have broader scope than a single-inbox token, treat the installation as risky and do not proceed until clarified.

Like a lobster shell, security has layers — review code before you run it.

latestvk976pgvya275yzr902ybdzhnd981tne4latest email communication monitoring securityvk97ecgc98gtttk6rtgntgr3gzh81vgnclatest email communication monitoring security heartbeatvk976pgvya275yzr902ybdzhnd981tne4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

EnvSIXEL_API_TOKEN
Primary envSIXEL_API_TOKEN

Comments