Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Email Approval Workflow

v1.0.0

Draft external emails for human approval before sending. Use when communicating with external parties (support, competitions, businesses). Always draft first...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name and description match the runtime instructions: create drafts, present for human approval, then send and log after explicit approval. The hard-coded requirement to CC a specific person (Stef) and the use of specific workspace paths (/root/.openclaw/...) are design choices that align with the stated goal but should be confirmed by the user.
Instruction Scope
All instructions stay within the email-approval workflow: they create draft files, show drafts to a human for approval, then call a local email sender (python3 email_manager.py send) and append an audit line to an email_log.csv. These steps reference specific absolute paths (including /root) and a local script (email_manager.py) that is not included, so the agent will need permission to write to those paths, and a working email sender must be available. The SKILL.md also hardcodes Stef's personal Gmail address in CC, which has privacy/PII implications.
Install Mechanism
Instruction-only skill with no install steps and no third-party packages or downloads. This is the lowest install risk.
Credentials
The skill declares no environment variables or credentials. However, sending email (email_manager.py) will require email credentials or SMTP configuration at runtime; those credentials are not requested or described here. Confirm where email credentials are stored and that they are supplied securely and minimally (only what the mailer needs).
Persistence & Privilege
The skill does not request elevated platform privileges and is not marked always:true. It writes to /root/.openclaw/workspace/ and an email_log CSV within the workspace — reasonable for an audit trail, but verify the agent's filesystem permissions and that writing under /root is acceptable.
Assessment
This skill appears to do what it says: draft emails, require explicit approval, then send and log them. Before installing, verify that:
1) the agent runs with permission to write to the specified /root/.openclaw workspace, or the paths are adjusted to a less privileged location;
2) an email sender (email_manager.py or equivalent) exists and its credentials are configured securely (don’t hardcode SMTP credentials in world-readable files);
3) you are comfortable with every external message being CC'd to the named personal Gmail address (privacy/PII concern); change or remove that if inappropriate;
4) the workflow’s reliance on an explicit textual approval is enforced in the agent implementation (don’t allow ambiguous replies like “looks good” to be treated as approval).
If any of these are unclear, request the missing implementation details or modify the SKILL.md to use safer paths and to document how email credentials are provided and protected.

Like a lobster shell, security has layers — review code before you run it.

latestvk9738hwhx9xzg1jesesacw94y584vtt0
