sixel-email

Pass. Audited by ClawScan on May 1, 2026.

Overview

The skill is a coherent email-and-heartbeat integration, but it uses an API token, sends data through an external service, and recommends a long-running poller that users should manage carefully.

Install this only if you want the agent to communicate with your configured operator through sixel.email. Use a dedicated API token, keep attachments and message contents minimal, store downloads and inbox files in private locations, and explicitly start and stop any background poller you use.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone with the configured token could use the associated Sixel email channel, so the token should be treated like a credential.

Why it was flagged

The skill requires a bearer token that lets the agent access the Sixel email API. This is expected for the integration and is disclosed in the setup instructions.

Skill content

SIXEL_API_TOKEN: Your API token (starts with `sm_live_`)

Recommendation

Use a dedicated token for this skill, store it only in the intended OpenClaw configuration, and rotate it if exposed.

What this means

Messages, status details, and any included attachments may be transmitted through sixel.email to the configured operator.

Why it was flagged

The skill establishes an external communication channel between the agent, the Sixel service, and the operator. The one-contact limit is disclosed and purpose-aligned, but data still leaves the local environment.

Skill content

Email your human operator through sixel.email. You have one allowed contact. You cannot email anyone else, and only your operator can email you.

Recommendation

Only enable this if you want this external email channel, and avoid sending secrets or sensitive files unless the operator explicitly needs them.

What this means

A background poller may continue making API calls and consuming inbox messages after the immediate task is done if it is not supervised.

Why it was flagged

The documentation recommends a long-running background bash loop to keep the heartbeat alive and notify the agent about messages. This supports the stated purpose but can keep operating until manually stopped.

Skill content

Recommended: background poller... while true; do ... sleep 60; done

Recommendation

Run the poller only when needed, track its process lifecycle, and stop it when the agent session or heartbeat monitoring should end.

What this means

Important operator messages could be marked read and become unavailable to the agent if polling happens before they are processed.

Why it was flagged

Polling has an irreversible read side effect. The artifact clearly warns about it, but a crash or missed processing step could lose operator replies.

Skill content

Polling returns all unread messages and marks them as read atomically. There is no way to re-fetch messages you've already polled.

Recommendation

Process and persist messages before polling again, and make the background poller write to a reliable, private location if used.