ClawHub

SMTP

v1.0.0

Send, test, and debug SMTP mail flows with safe dry runs, provider-aware auth, and deliverability checks.

0· 229·1 current·1 all-time
byIván@ivangdavila
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (SMTP send/test/debug) matches the SKILL.md. The skill does not request unrelated env vars, binaries, or cloud credentials. Recommended tools (swaks, openssl, dig) are appropriate for SMTP diagnostics and are only recommendations, not required installs.
Instruction Scope
Runtime instructions are narrowly focused on SMTP diagnostics and a safety-first send flow (draft → probe → canary → verify → scale). The skill explicitly creates and reads files under ~/smtp/ and will read memory.md when status is 'ongoing', so users should be aware the agent will persist and reuse local context. The SKILL.md also mandates explicit confirmation before any live send and instructs not to store secrets in the local files.
Install Mechanism
Instruction-only skill with no install spec and no code files; this minimizes installation risk (nothing is downloaded or executed by the installer).
Credentials
The skill declares no required environment variables or primary credential. It recommends that credentials come from a user-approved secret manager or runtime prompt and explicitly forbids storing raw secrets in the local files — this is proportionate to the stated purpose.
Persistence & Privilege
The skill writes to and reads from ~/smtp/, creates baseline files, and sets restrictive permissions (chmod 700/600). It does not request system-wide privileges or modify other skills. Because the agent may read persisted memory on activation, users should confirm that stored files contain only non-sensitive debugging context.
Assessment
This skill is coherent and appears to do what it says: SMTP diagnostics with a strong emphasis on safety. Before installing or using it, note that it will create ~/smtp/ and persist debugging context there — review and control that directory (permissions are set by the setup instructions). Never put passwords or tokens into those files; provide credentials via a secret manager or a one-time runtime prompt as the skill recommends. Confirm any live send explicitly (the SKILL.md requires it), and if you prefer no persistent local state, avoid running setup or delete ~/smtp/ after use. If you have strict policies about autonomous agent actions, remember the platform allows autonomous invocation by default — ensure you or your org consent to the agent being able to run this skill when appropriate.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bb049qy1dffcwn62wznxkzs8327e5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

📬 Clawdis
OSLinux · macOS · Windows

Comments