Execute email operations with platform-specific optimizations and secure credential handling.
⭐ 4· 2.8k·38 current·39 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description match the implementation: the skill is an instruction-only mail helper that uses himalaya for IMAP/SMTP and Apple Mail SQLite on macOS. Requested binaries and file access are consistent with reading and sending email.
Instruction Scope
Instructions explicitly tell the agent to read Apple Mail SQLite files and attachment directories (sensitive personal data) and to call himalaya/osascript. That is appropriate for an email helper, but the docs also include example commands that place credentials on the shell command line (e.g., security add-internet-password -w 'app-password'), which can expose secrets via shell history or process lists. The skill states 'NEVER auto-send' and a draft-review-send flow, which is good, but enforcement depends on the host agent following these instructions.
Install Mechanism
No install spec / no code files — instruction-only skill. This minimizes supply-chain risk (nothing is downloaded or written by the skill itself). The skill expects the user to install himalaya from known sources (brew/cargo).
Credentials
No environment variables or remote credentials are declared in registry metadata; the skill relies on local credentials: macOS Keychain and ~/.config/himalaya/config.toml (or XOAUTH2 token_cmd). These are proportionate to email functionality. However, the documentation demonstrates insecure CLI usage that can leak credentials (passing app-password in -w). The registry metadata omits osascript as a required binary even though SKILL.md references it for macOS; minor metadata inconsistency.
Persistence & Privilege
always is false and the skill does not request persistent system-wide modifications. It does instruct storing credentials into Keychain/config files (normal for mail clients) but does not request elevated or cross-skill privileges.
Assessment
This skill appears to be what it says — an instruction-only mail helper that uses himalaya and (on macOS) Apple Mail data. Before installing: 1) Accept that the agent will read email content and attachments if you allow it — this is necessary for the feature. 2) Prefer Keychain usage or XOAUTH2; do not paste raw passwords on command lines (examples in the docs show -w 'app-password' which can leak to shell history/process lists). 3) Install himalaya from a trusted source (brew or the official crate). 4) Confirm the agent will adhere to the draft-review-send workflow (the skill says it will not auto-send, but autonomous agent behavior depends on the platform). 5) Note the small metadata inconsistency (osascript mentioned in docs but not declared as required binary) — verify macOS-only behavior if you run on Linux. If you need higher assurance, ask the skill author to remove insecure example commands and to declare Keychain/OAuth requirements explicitly in metadata.Like a lobster shell, security has layers — review code before you run it.
latestvk97an6aj55ggyp5vq5tagb0y5d819nyb
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
📧 Clawdis
OSmacOS · Linux
Binshimalaya