Email Daily Summary Zc
Automatically logs into email accounts (Gmail, Outlook, QQ Mail, etc.) and generates daily email summaries. Use when the user wants to get a summary of their...
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 34 · 0 current installs · 0 all-time installs
fork of @10e9928a/email-daily-summary (based on 0.1.0)
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The described purpose (automatically logging into webmail and summarizing emails) aligns with the SKILL.md instructions (open mail pages, evaluate DOM, screenshot, extract HTML). However the package it tells users to install (browser-use) is not part of the registry install spec, and _meta.json/registry metadata differ (slug, ownerId, version/timestamp), which is an incoherence in provenance.
Instruction Scope
Runtime instructions tell the agent to open mail pages, run JavaScript in-page to extract DOM, save screenshots, and fetch full page HTML — all of which will access sensitive email content and session cookies (expected for this feature, but high sensitivity). The instructions also show using browser-use input with plaintext passwords (e.g., browser-use input "your-password"), which risks exposing credentials (shell history, logs). The SKILL.md references an API key (BROWSER_USE_API_KEY) for AI summarization but the skill declares no required env vars — a mismatch.
Install Mechanism
There is no install spec in the registry entry; instead the SKILL.md instructs users to run a pip install (uv pip install browser-use[cli]) and run browser-use install. 'browser-use' is a third-party package invoked with no provenance here, and the command contains a probable typo ('uv pip'). Installing arbitrary pip packages can execute arbitrary code and add binaries to the system; that is higher risk and should be specified in the registry with provenance and reviewable install artifacts.
Credentials
The skill declares no required environment variables but the instructions reference an optional BROWSER_USE_API_KEY for AI summarization and show entering email/password into commands. Reusing a real browser session implies access to cookies and other logged-in services beyond email. Requesting or prompting for credentials without declaring them and without clear secure handling is disproportionate and risky.
Persistence & Privilege
The skill does not request always:true and does not modify other skills, but it instructs users to create cron or launchd jobs to run the summarization periodically. Scheduling a job is normal for this use case but increases persistence and the blast radius if the underlying tool (browser-use) or the script mishandles credentials or exfiltrates data.
What to consider before installing
This skill's behavior (opening webmail, scraping page HTML, saving screenshots, and possibly using an API key) is coherent with producing email summaries, but there are several red flags you should consider before installing or running it:
- The SKILL.md instructs installing a third-party pip package (browser-use) via an ad-hoc command. Only install packages you have reviewed from trusted sources; this package will run code on your machine and could add binaries.
- The instructions demonstrate inputting passwords directly (browser-use input "your-password"). Avoid entering credentials in scripts or CLI commands; prefer OAuth or browser session reuse and ensure secrets are not stored in scripts, logs, or shell history.
- The skill references an API key (BROWSER_USE_API_KEY) for AI summarization but the registry lists no required env vars. If you provide any API keys, ensure you understand where they are used and stored.
- The registry metadata and the included _meta.json show inconsistencies (different ownerId, slug, version/timestamp). That makes provenance unclear; prefer skills with clear, consistent metadata and a known homepage/source.
- Scheduling the script (cron/launchd) makes any misbehavior persistent — only schedule it after verifying the installed tooling and scripts in an isolated environment.
What to do before proceeding:
1. Inspect the 'browser-use' package (PyPI project page, source repo, release artifacts) and confirm its trustworthiness.
2. Test in a disposable/isolated environment (VM or container) first; do not give real credentials during initial testing.
3. Prefer OAuth/official APIs (Gmail/Outlook APIs) over screen-scraping when possible; official APIs provide scoped tokens and auditability.
4. If you must use this approach, avoid storing passwords in scripts and configure logging so sensitive inputs are not captured. Remove persistent jobs until you have audited the tool.
Given these mismatches and risks, treat the skill as suspicious unless you can validate the 'browser-use' tool and the skill provenance.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Email Daily Summary Skill
这个技能帮助你自动登录邮箱,获取邮件内容,并生成每日邮件总结。
功能特性
- 🔐 支持多种邮箱登录(Gmail、Outlook、QQ 邮箱、163 邮箱等)
- 📧 自动获取最新邮件列表
- 📝 智能生成邮件摘要
- 🏷️ 按重要性/发件人/主题分类
- 📊 生成每日邮件统计报告
前置要求
- 安装 browser-use CLI:
uv pip install browser-use[cli]
browser-use install
- 确保已在浏览器中登录过邮箱(使用 real 模式可直接复用登录状态)
使用方法
方式一:使用已登录的浏览器(推荐)
使用 --browser real 模式可以复用你 Chrome 浏览器中已登录的邮箱会话:
# Gmail
browser-use --browser real open https://mail.google.com
# Outlook
browser-use --browser real open https://outlook.live.com
# QQ 邮箱
browser-use --browser real open https://mail.qq.com
# 163 邮箱
browser-use --browser real open https://mail.163.com
方式二:手动登录流程
如果需要手动登录,使用 --headed 模式查看操作过程:
# 打开邮箱登录页面(以 Gmail 为例)
browser-use --headed open https://accounts.google.com
# 查看页面元素
browser-use state
# 输入邮箱地址(根据 state 返回的索引)
browser-use input <email_input_index> "your-email@gmail.com"
browser-use click <next_button_index>
# 输入密码
browser-use input <password_input_index> "your-password"
browser-use click <login_button_index>
# 跳转到邮箱
browser-use open https://mail.google.com
获取邮件列表
登录成功后,获取邮件列表:
# 获取当前页面状态,查看邮件列表
browser-use state
# 截图保存当前邮件列表
browser-use screenshot emails_$(date +%Y%m%d).png
# 使用 JavaScript 提取邮件信息(Gmail 示例)
browser-use eval "
const emails = [];
document.querySelectorAll('tr.zA').forEach((row, i) => {
if (i < 20) {
const sender = row.querySelector('.yX.xY span')?.innerText || '';
const subject = row.querySelector('.y6 span')?.innerText || '';
const snippet = row.querySelector('.y2')?.innerText || '';
const time = row.querySelector('.xW.xY span')?.innerText || '';
emails.push({ sender, subject, snippet, time });
}
});
JSON.stringify(emails, null, 2);
"
使用 Python 生成邮件总结
# 初始化邮件数据收集
browser-use python "
emails_data = []
summary_date = '$(date +%Y-%m-%d)'
"
# 滚动页面加载更多邮件
browser-use python "
for i in range(3):
browser.scroll('down')
import time
time.sleep(1)
"
# 提取邮件数据(需要根据实际邮箱 DOM 结构调整)
browser-use python "
import json
# 获取页面 HTML 进行解析
html = browser.html
# 这里需要根据具体邮箱服务解析 HTML
# 示例:统计基本信息
print(f'=== 邮件日报 {summary_date} ===')
print(f'页面 URL: {browser.url}')
print(f'页面标题: {browser.title}')
"
# 截图保存
browser-use python "
browser.screenshot(f'email_summary_{summary_date}.png')
print(f'截图已保存: email_summary_{summary_date}.png')
"
完整的每日邮件总结脚本
创建一个完整的总结流程:
#!/bin/bash
# email_daily_summary.sh
DATE=$(date +%Y-%m-%d)
TIME=$(date +%H:%M:%S)
OUTPUT_DIR="./email_summaries"
mkdir -p "$OUTPUT_DIR"
echo "=========================================="
echo "📧 邮件日报生成中..."
echo "日期: $DATE $TIME"
echo "=========================================="
# 1. 打开邮箱(使用已登录的浏览器)
browser-use --browser real open https://mail.google.com
# 2. 等待页面加载
sleep 3
# 3. 获取页面状态
echo ""
echo "📋 当前邮箱状态:"
browser-use state
# 4. 截图保存邮件列表
echo ""
echo "📸 保存截图..."
browser-use screenshot "$OUTPUT_DIR/inbox_$DATE.png"
# 5. 提取邮件数据
echo ""
echo "📊 邮件统计:"
browser-use eval "
(() => {
const unreadCount = document.querySelectorAll('.zE').length;
const totalVisible = document.querySelectorAll('tr.zA').length;
return JSON.stringify({
unread: unreadCount,
visible: totalVisible,
timestamp: new Date().toISOString()
});
})()
"
# 6. 关闭浏览器
echo ""
echo "✅ 完成!截图保存至: $OUTPUT_DIR/inbox_$DATE.png"
browser-use close
支持的邮箱服务
生成 AI 邮件摘要
如果配置了 API Key,可以使用 AI 自动生成邮件摘要:
# 使用 AI 提取邮件摘要(需要 BROWSER_USE_API_KEY)
browser-use --browser real open https://mail.google.com
browser-use extract "提取前 10 封邮件的发件人、主题和摘要,按重要性排序"
定时任务设置
macOS/Linux (crontab)
# 编辑 crontab
crontab -e
# 添加每日早上 9 点执行的任务
0 9 * * * /path/to/email_daily_summary.sh >> /path/to/logs/email_summary.log 2>&1
macOS (launchd)
创建 ~/Library/LaunchAgents/com.email.dailysummary.plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.email.dailysummary</string>
<key>ProgramArguments</key>
<array>
<string>/bin/bash</string>
<string>/path/to/email_daily_summary.sh</string>
</array>
<key>StartCalendarInterval</key>
<dict>
<key>Hour</key>
<integer>9</integer>
<key>Minute</key>
<integer>0</integer>
</dict>
<key>StandardOutPath</key>
<string>/tmp/email_summary.log</string>
<key>StandardErrorPath</key>
<string>/tmp/email_summary_error.log</string>
</dict>
</plist>
加载任务:
launchctl load ~/Library/LaunchAgents/com.email.dailysummary.plist
输出示例
生成的邮件总结报告格式:
==========================================
📧 邮件日报 - 2026-01-30
==========================================
📊 统计概览:
- 未读邮件: 12 封
- 今日新邮件: 28 封
- 重要邮件: 5 封
🔴 重要邮件:
1. [工作] 来自 boss@company.com
主题: 项目进度汇报 - 紧急
时间: 09:30
2. [财务] 来自 finance@bank.com
主题: 账单提醒
时间: 08:15
📬 今日邮件分类:
- 工作相关: 15 封
- 订阅通知: 8 封
- 社交媒体: 3 封
- 其他: 2 封
💡 建议操作:
- 回复 boss@company.com 的邮件
- 处理 3 封需要审批的邮件
==========================================
安全提示
⚠️ 重要安全建议:
- 不要在脚本中明文保存密码,优先使用
--browser real模式复用已登录会话 - 敏感信息使用环境变量存储
- 定期检查授权应用,移除不需要的第三方访问
- 启用两步验证保护邮箱安全
- 日志文件不要包含敏感信息
故障排除
登录失败?
# 使用 headed 模式查看登录过程
browser-use --browser real --headed open https://mail.google.com
页面元素找不到?
# 等待页面完全加载
sleep 5
browser-use state
会话过期?
# 关闭所有会话重新开始
browser-use close --all
browser-use --browser real open https://mail.google.com
清理
完成后记得关闭浏览器:
browser-use close
Files
2 totalSelect a file
Select a file to preview.
Comments
Loading comments…