Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Email Send Skill

v1.0.1

An email-sending skill based on Nodemailer. Uses nodemailer + SMTP to send mail to any mailbox. Supports mainstream SMTP services such as 163, QQ and Gmail. Triggered when the user asks to send an email.

by 周小虎 @anbangzhiguo
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign (view report)
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description (send email via nodemailer + SMTP) match the included code (scripts/send.js). However, the registry metadata lists no required environment variables, while SKILL.md declares several required SMTP variables (SMTP_HOST, SMTP_USER, SMTP_PASS, etc.). That mismatch is an inconsistency between the package metadata and the runtime instructions.
Instruction Scope
SKILL.md instructs the agent to run the bundled Node script via exec (npm install, then node scripts/send.js) and shows examples that set SMTP credentials via environment variables inline. The instructions do not attempt to read unrelated files or exfiltrate data to external endpoints beyond the SMTP server, but they do place sensitive credentials in the process environment, and the examples' inline env assignments can expose secrets in shell history or process listings.
Install Mechanism
No automatic install spec is provided (instruction-only install). The repository includes package.json/package-lock and the script relies on the widely used nodemailer package from npm. There are no downloads from arbitrary URLs or extract steps.
Credentials
The required environment variables (SMTP_HOST, SMTP_USER, SMTP_PASS, SMTP_FROM, etc.) are appropriate and necessary for sending email over SMTP. The concern is that the registry metadata omits these required env vars, producing an inconsistent picture. The number and type of env vars are proportional to the skill's purpose, but they are highly sensitive (SMTP credentials).
Persistence & Privilege
The skill is not always-included and is user-invocable; autonomous invocation is enabled (platform default). The skill does not request system-wide config changes or extra privileges. Consider whether you want the agent to be allowed to autonomously call this skill, since it can send arbitrary emails when invoked.
What to consider before installing
This skill appears to be a straightforward SMTP email sender (nodemailer + a small script), but before installing you should:
- Fix the metadata mismatch: confirm that the runtime indeed requires SMTP_HOST, SMTP_USER and SMTP_PASS (SKILL.md says it does), because the registry entry currently lists no required env vars.
- Treat SMTP_USER and SMTP_PASS as sensitive secrets. Do not paste them into chat or commit them to source control. Use a secure secret store or the platform's secret mechanism if available.
- Avoid supplying credentials on the command line, where shell history or process lists can leak them; prefer environment injection via a secrets manager or an agent-provided secure env mechanism.
- Decide whether you want the agent to be allowed to call this skill autonomously — if allowed, a compromised prompt/agent flow could send email to arbitrary recipients. If you do not want that, disable autonomous invocation or require user confirmation.
- Test with a throwaway SMTP account first (no production credentials) to verify behavior and logging.
If you want higher assurance: ask the publisher to correct the registry metadata to declare the required env vars, and review how your agent platform stores and isolates environment secrets for skill invocations.
