Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Wan Qq Email
v1.0.0
QQ Email IMAP/SMTP client. Use Python imaplib and smtplib to read and send QQ emails without Himalaya.
⭐ 0 · 48 · 1 current · 1 all-time
by Wu Di (@starryforest-ymxk)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw)
Verdict: Suspicious (high confidence)
Purpose & Capability
The name/description claim a simple IMAP/SMTP client, which is coherent with the included scripts, but the code embeds a specific QQ account and password (IMAP_CONFIG and SMTP_CONFIG) rather than asking for the user's credentials or using environment variables. Hard-coding another account's credentials is not appropriate for this purpose and is unexpected.
Instruction Scope
SKILL.md instructs the agent/user to import and call the provided client, expecting it to use "automatic QQ configuration" (i.e., the hard-coded credentials) rather than instructing the user to supply their own credentials. The docs and runtime instructions therefore direct behavior that exposes and uses a third-party account, and they neither require nor document secure credential handling.
Install Mechanism
There is no install spec (instruction-only), which lowers installer risk. However, the package includes runnable Python source files that will execute locally when imported. Those files contain sensitive data (hard-coded credentials) and insecure SSL settings, so the lack of an install step does not eliminate risk.
Credentials
The skill declares no required environment variables yet contains embedded credentials (user and password). Requesting no credentials while shipping a private account/password is disproportionate and suspicious. Additionally, the code disables certificate validation (context.check_hostname = False; verify_mode = CERT_NONE), undermining transport security.
Persistence & Privilege
The skill is not always-enabled, does not request system-wide config changes, and does not claim to modify other skills or agent configuration. It does recommend a path manipulation in its examples (sys.path insertion), but that is local to the process and typical for a distributed script.
What to consider before installing
Do not run this skill as-is. The code includes a hard-coded QQ email address and password and disables TLS certificate verification — this could allow the skill to send/receive mail using someone else's account and makes connections vulnerable to interception. Before installing or running: (1) inspect the full __init__.py and other scripts, (2) remove the embedded credentials and instead supply your own credentials via a secure method (prompt or environment variables), (3) restore proper TLS verification (don't set CERT_NONE or disable hostname checks), and (4) consider rotating the embedded account's password if you control it, or avoid using the skill if you cannot verify the account owner. If you did not expect the repository to include credentials, treat this as a red flag and prefer an alternative implementation that asks for user credentials securely.
Latest version: vk977f1c696qp634vn3xw4d1cj983ejmg
Runtime requirements: 📧 Clawdis
