Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Email Sender

v1.0.2

Send emails with optional file attachments using a Gmail account via SMTP by specifying recipient, subject, body, and an optional attachment path.


Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for elodyzen/email-sender.

Install the skill "Email Sender" (elodyzen/email-sender) from ClawHub.
Skill page: https://clawhub.ai/elodyzen/email-sender
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install elodyzen/email-sender

ClawHub CLI


npx clawhub@latest install email-sender

Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
! Purpose & Capability
The skill's stated purpose (send email via Gmail SMTP) matches the code, but required credentials are not declared in metadata or SKILL.md; instead the sender email and an app password are hard-coded into script.py. A legitimate implementation would accept credentials via environment variables or an OAuth flow rather than embedding them in code.
! Instruction Scope
SKILL.md and tools.json describe a send_email function that accepts an absolute attachment_path; script.py will open and attach any file at that path. That capability is consistent with 'attachments' but also allows reading arbitrary files on the host and transmitting them by email (sensitive system files, secrets, etc.). There is no validation, sandboxing, or explicit limitation on which paths are allowed.
Install Mechanism
No install spec or external downloads are present; the skill is instruction/code-only and doesn't write/install additional software. This lowers supply-chain risk compared with remote installers.
! Credentials
No environment variables or credentials are declared, yet script.py contains a clear sender email and an app password (SENDER_EMAIL and SENDER_PASSWORD). This is disproportionate and risky: embedding credentials in code can enable the skill author (or anyone with the package) to send mail from that account and to exfiltrate files without the user's explicit credentialing.
Persistence & Privilege
The skill does not request 'always: true' and does not modify other skills or system settings. However, because autonomous invocation is allowed by default, an agent could invoke this tool on its own — combined with the hard-coded credentials and unrestricted file reads, that increases the blast radius for accidental or malicious data exfiltration.
What to consider before installing
Do not install or run this skill as-is. It contains a hard-coded Gmail address and app password in script.py, which lets the package send mail from that account and makes it trivial to exfiltrate arbitrary files by supplying attachment_path. If you need this functionality, prefer a version that: (1) does not embed credentials — require the user to supply credentials via environment variables or an explicit OAuth/SMTP configuration; (2) enforces attachment path restrictions or confirms before attaching sensitive files; (3) logs and surfaces where emails are sent and by whom. If you already installed or ran it, consider rotating the exposed Gmail app password, auditing the account's sent mail and activity, and replacing the skill with a reviewed implementation that keeps credentials out of repository code.

Like a lobster shell, security has layers — review code before you run it.

v1.0.2 (latest), 3 versions, MIT-0 license

OpenClaw Email Skill

Description

Send emails (with optional file attachments) from OpenClaw using SMTP. This skill uses a Gmail account with an App Password.

Usage

  • When to use: User asks to email a report, log, or any file.
  • Parameters:
    • to (string, required): Recipient email address.
    • subject (string, required): Email subject.
    • body (string, required): Plain‑text body.
    • attachment_path (string, optional): Absolute path to a file to attach.

Tools

The skill provides a function send_email that can be called via the OpenClaw function tool.
