Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Email Operations
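v2.0.1
An email operations skill that reads and sends mail over the SMTP/IMAP protocols. Use this skill when the user wants to view mail, search mail content, get the inbox list, pull the details of a specific message, send mail, or otherwise interact with a mailbox service. Whether or not the user explicitly mentions "IMAP" or "SMTP", any operation that involves sending or receiving mail can trigger this skill. Applicable scenarios: viewing the inbox, searching mail, filtering by condition...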
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description (email read/send via IMAP/SMTP) matches the included Python code, which implements IMAP/SMTP clients. However, the registry metadata declares no required environment variables or primary credential, while the SKILL.md and code require EMAIL_ADDRESS, EMAIL_IMAP_PASSWORD and EMAIL_SMTP_PASSWORD stored in a .env file. The credentials are relevant to the stated purpose, but the omission from metadata is an incoherence that may mislead users.
Instruction Scope
SKILL.md instructions are narrowly scoped to email operations (reading inbox, searching, fetching details, sending mail, saving attachments). It explicitly instructs users to place credentials in skills/email-operations/.env and demonstrates CLI and API usage. That instruction is within the feature scope but impacts security/usability (see environment_proportionality).
Install Mechanism
No install spec (instruction-only) and the code uses only Python standard libraries. No remote downloads or third-party package installs are required. This is low-risk for installation.
Credentials
The skill requires sensitive credentials (email address and IMAP/SMTP passwords) but the registry metadata does not list required env vars or a primary credential. Instead, SKILL.md instructs storing credentials in a .env file under the skill directory. Storing secrets in a skill subdirectory can be insecure (may be checked into repos or read by other processes). The skill requests separate IMAP and SMTP passwords (reasonable for some providers), but the metadata omission and the recommendation to keep credentials in the skill folder are disproportionate to safe handling expectations.
Persistence & Privilege
always is false and there is no indication the skill modifies other skills or system-wide settings. The skill will read/write files (the skill's .env and downloaded attachments) but does not request permanent platform-wide privileges. Agent autonomous invocation is allowed (default) — since the skill handles sensitive credentials, users should be aware of that.
What to consider before installing
This skill appears to implement the advertised IMAP/SMTP email capabilities, but exercise caution before installing. Key points:
(1) It expects you to provide EMAIL_ADDRESS, EMAIL_IMAP_PASSWORD and EMAIL_SMTP_PASSWORD in a .env file stored in the skill directory — the registry metadata does NOT declare these secrets, so you might not be warned by the platform.
(2) Storing credentials in a skill subfolder is risky (may be committed to source control or readable by other processes); prefer using application-specific passwords and keep .env out of shared repos.
(3) The code only uses standard Python libraries and does not contact unknown endpoints, but review scripts/email_client.py yourself to confirm there are no unexpected network targets.
(4) If you plan to use this in production, run it in an isolated environment, use app-specific or limited-scope credentials, and consider moving secret storage to a secure secret manager or the platform's recommended secret storage rather than a skill .env file.
If you need higher confidence, request the author/source, or ask them to update the registry metadata to declare required credentials and explain how secrets are stored and protected.
Like a lobster shell, security has layers — review code before you run it.
latestvk97c6a16p3e1mz2b8bkkpantw584g9vz
