ClawHub

OpenClaw Email Manager for Postfic and Dovecot

v1.0.0

Complete email management for Postfix/Dovecot

0· 611·8 current·8 all-time
by@soderholmm
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the provided code and SKILL.md: the scripts use imaplib/smtplib to list, read, move, mark, draft, and send messages. No unrelated cloud providers, devops systems, or unrelated credentials are requested.
Instruction Scope
SKILL.md instructs creating a config.json and running the provided Python scripts. The scripts operate on IMAP/SMTP servers and only reference expected local config locations (repo config, cwd, ~/.openclaw path, /etc/openclaw). They do not instruct reading arbitrary unrelated system files or exfiltrating data to external endpoints beyond the mail servers.
Install Mechanism
No install spec; this is an instruction-only skill with bundled Python scripts. It requires only python3 and uses the standard library (imaplib/smtplib). No downloads or external packages are pulled in.
Credentials
The skill expects mailbox credentials (email address/password) but the registry metadata lists no required env vars or config paths. The code will read credentials from config.json or the EMAIL_*/IMAP_/SMTP_ environment variables — so although no env vars were declared in metadata, the scripts will accept them. Providing EMAIL_PASSWORD gives complete mailbox access, which is necessary but sensitive; the skill also looks for config.json in system locations (including /etc/openclaw).
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide agent settings. It writes nothing by itself and only reads config.json and environment variables.
Assessment
This skill appears to do what it says: it needs your mailbox credentials (email/password) to log in to IMAP and SMTP. Before installing, consider: (1) store credentials securely (use an app-specific password or account with limited access), (2) place config.json in a secure path with restricted permissions rather than a world-readable location, (3) review the scripts yourself or run them in a test account to confirm behavior, (4) be aware the code will try multiple config locations including /etc/openclaw and ~/.openclaw — ensure those paths are appropriate for your deployment, and (5) confirm the agent environment has network access only to your mail servers. The only minor metadata inconsistency is that the registry lists no required env vars despite the code supporting EMAIL_*/IMAP_/SMTP_ environment variables; that does not change the overall coherence but you should be aware of it.

Like a lobster shell, security has layers — review code before you run it.

latestvk97cp4jdabp1x46nfbks6065ax82mq8d

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binspython3

Comments