Eppie Email CLI
v0.2.0Control the eppie-console CLI mail client to inspect accounts, folders, read/send messages, sync folders, and manage vaults with JSON output and automation s...
⭐ 1· 14·0 current·0 all-time
byEppie@eppieapp
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
high confidencePurpose & Capability
The name/description match the instructions: the file documents how an agent should drive the eppie-console CLI to inspect accounts, read/send messages, sync folders, and manage a vault. The skill does not ask for unrelated permissions or credentials. Minor note: the registry metadata lists no required binaries even though the skill expects a path to the eppie-console executable at runtime; this is an omission in metadata rather than a functionality mismatch.
Instruction Scope
The SKILL.md stays focused on CLI usage and deterministic stdin/CLI patterns. It explicitly instructs agents to pass vault passwords and provider-specific secrets via stdin (which is standard for CLI automation) and recommends using --non-interactive/--output=json. It also recommends --assume-yes=true for destructive operations; while coherent for automation, that enables potentially destructive actions (reset, remove) if an agent runs without appropriate guardrails.
Install Mechanism
This is an instruction-only skill and contains only reference download URLs pointing to GitHub Releases (well-known release host). There is no install spec that would cause arbitrary code to be fetched/installed by the platform itself.
Credentials
The skill does not declare required environment variables or credentials (registry metadata lists none). The document does mention that eppie-console can read appsettings.json and environment variables and that vault passwords and provider secrets should be supplied via stdin. This is proportional to the CLI's purpose, but users/agents should be aware that environment variables or config files adjacent to the executable can affect behavior and must be managed by whoever runs the agent.
Persistence & Privilege
The skill does not request persistent privileges (always:false) and does not install background components. Autonomous invocation is allowed by default on the platform; combined with the ability to unlock/reset vaults, that means an agent with this skill could perform destructive actions if given roaming authority — the skill itself does not demand persistent elevated privileges.
Assessment
This skill is a detailed automation contract for the eppie-console CLI and appears coherent. Before installing or enabling it: (1) ensure you have the eppie-console binary from a trusted source (verify GitHub release checksums) and place it where your agent expects; (2) do not provide vault passwords or provider secrets to untrusted agents — the skill expects vault passwords via stdin and supports destructive commands (reset) when --assume-yes is used; (3) if you enable autonomous agents with this skill, restrict their permissions and review any commands they will run to avoid accidental data loss or message sending; (4) consider updating the skill metadata to declare the required binary so automated eligibility checks can warn if eppie-console is missing.Like a lobster shell, security has layers — review code before you run it.
latestvk9716pecjj7wxfrshffg789ar584pzbr
License
MIT-0
Free to use, modify, and redistribute. No attribution required.