ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Ews Email

CLI to manage enterprise Outlook emails via Exchange Web Services (EWS). Use ews-mail.py to list, read, reply, forward, search, send, move, delete emails and...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 268 · 1 current installs · 1 all-time installs
by@guyun94
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The code implements an Exchange Web Services CLI (listing, reading, sending, moving, deleting messages) which matches the name/description. However the registry metadata says "Required env vars: none" while the SKILL.md and script clearly require EWS_EMAIL and EWS_SERVER (and optionally KEYRING_CRYPTFILE_PASSWORD on headless Linux). That registry/instruction mismatch is inconsistent.
Instruction Scope
Runtime instructions are scoped to email management: installing keyring/exchangelib, storing a password in the system keyring or encrypted keyring, and running the script to list/read/send/modify mail. The script reads/writes an on-disk cache (~/.openclaw/.ews-mail-cache.json) and uses the system keyring; it does not contact unexpected external endpoints beyond the Exchange server.
Install Mechanism
This is instruction-only with one included Python script; required Python packages are standard (keyring, exchangelib, optional keyrings.alt). No remote downloads or obscure install URLs are used.
!
Credentials
Declared primaryEnv is EWS_EMAIL (appropriate). But SKILL.md and the script also require EWS_SERVER and may require KEYRING_CRYPTFILE_PASSWORD on headless Linux; these were not listed in the top-level 'Required env vars'. The script explicitly avoids storing the EWS password in env/config and instead uses the keyring, which is good, but you should confirm where KEYRING_CRYPTFILE_PASSWORD will be stored (env or config) because that master password protects the encrypted keyring file.
Persistence & Privilege
The skill is not always-enabled and does not request elevated privileges. It stores a local cache (~/.openclaw/.ews-mail-cache.json) and uses the system keyring; it does not modify other skills or system-wide agent settings.
What to consider before installing
This skill appears to be a legitimate EWS email CLI, but exercise caution before installing from an unknown source: 1) Verify and reconcile the env var requirements: set EWS_SERVER and EWS_EMAIL as documented (and KEYRING_CRYPTFILE_PASSWORD on headless Linux) — the registry entry omitted those. 2) Inspect the full script yourself (or run it in an isolated environment) since the package has no homepage and an unknown owner. 3) Be aware it will store an encrypted password via your system keyring (or an AES-encrypted keyring file if headless); protect the KEYRING_CRYPTFILE_PASSWORD and avoid putting it in world-readable config. 4) Note the script writes a cache at ~/.openclaw/.ews-mail-cache.json — protect that file. 5) If you need higher assurance, run the tool in a sandboxed account/container or ask the publisher for a verifiable source (homepage or signed release) before granting access to your mailbox.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.2.0
Download zip
latestvk97ax61yfdnb400r0s2mn0811x82kehh

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📧 Clawdis
Binspython3
Primary envEWS_EMAIL

SKILL.md

EWS Email CLI

A CLI for enterprise Exchange (EWS) email. Use when the user asks about email, inbox, messages, or mail.

Setup

1. 环境变量

~/.openclaw/config.yaml 中配置:

env:
  EWS_SERVER: "your-exchange-server.com"
  EWS_EMAIL: "you@company.com"

2. 存储密码

macOS(自动使用 Keychain,无需额外配置)

pip3 install keyring exchangelib
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py setup

Linux 云服务器(无桌面环境)

脚本会自动检测 Linux 无桌面环境,切换到 EncryptedKeyring 后端(AES 加密文件存储)。

# 安装依赖
pip3 install keyring exchangelib keyrings.alt

# 设置 master password 环境变量(用于加解密 EWS 密码)
# 在 ~/.openclaw/config.yaml 中添加:
#   env:
#     KEYRING_CRYPTFILE_PASSWORD: "你自己定义的一个强密码"
#
# 或在 systemd service / 启动脚本中 export:
export KEYRING_CRYPTFILE_PASSWORD="你自己定义的一个强密码"

# 存储 EWS 密码(会用 AES 加密写入本地文件)
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py setup

# 验证
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py folder-list

重启后只要 KEYRING_CRYPTFILE_PASSWORD 环境变量还在,密码就能正常解密读取,无需重新输入。

3. 验证安装

python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py folder-list

SECURITY RULES

  • NEVER attempt to read, display, or output the EWS password.
  • NEVER run commands that could expose keyring contents.
  • NEVER include passwords in any output, log, or message.
  • The password is managed exclusively through the setup command.

IMPORTANT: Reading Email Content

To read the FULL content/body of an email, you MUST follow these two steps:

  1. First run envelope-list to get the message list (this gives you numeric IDs)
  2. Then run message-read <ID> to get the FULL email body/content

envelope-list only shows subject lines and metadata. It does NOT contain the email body. You MUST run message-read to get the actual email content. NEVER guess or summarize based on subject alone. NEVER say you cannot read email content — you CAN, by running message-read.

Script Location

~/.openclaw/skills/ews-email/scripts/ews-mail.py

Commands

List Emails (step 1 — metadata only)

python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py envelope-list
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py envelope-list --page 2 --page-size 20
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py envelope-list --folder "Sent"

Read Email Body (step 2 — REQUIRED for content)

python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py message-read <ID>

Search Emails

python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py envelope-list from sender@example.com
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py envelope-list subject keyword

Send / Reply / Forward

python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py message-send --to "email" --subject "subject" --body "body"
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py message-send --to "a@x.com" --cc "b@x.com" --subject "Hi" --body "msg"
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py message-reply <ID> --body "reply text"
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py message-reply <ID> --body "reply text" --all
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py message-forward <ID> --to "email" --body "FYI"

Other Commands

python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py folder-list
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py message-move <ID> "Archive"
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py message-delete <ID>
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py attachment-download <ID> --dir ~/Downloads
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py flag-add <ID> --flag seen
python3 ~/.openclaw/skills/ews-email/scripts/ews-mail.py flag-remove <ID> --flag seen

Tips

  • Message IDs are numeric and come from the most recent envelope-list output.
  • Always run envelope-list first before message-read, message-reply, etc.
  • Long email bodies are truncated at 8000 chars.
  • Use --page and --page-size to navigate large inboxes.

Files

2 total
Select a file
Select a file to preview.

Comments

Loading comments…