Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Email Web Interface

v1.0.0

Web interface for agent email communication (Lourens, Ace, etc.). Provides inbox viewing, draft creation/editing, and sending functionality via Gmail/Gog CLI...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
[!] Purpose & Capability
The description says 'Web interface for agent email' but the package metadata lists no required credentials or binaries. SKILL.md, however, instructs installing Roundcube (apt/docker) and/or using a local '/usr/local/bin/gog' CLI and storing Gmail SMTP credentials — the metadata and declared requirements are inconsistent with the actual needs.
[!] Instruction Scope
Instructions tell operators to install system packages or run a Docker image, add plaintext SMTP app passwords into Roundcube config, set 'verify_peer' => false for IMAP (disables TLS cert verification), enable 'less secure apps', and run a Flask app with debug=True. These steps go beyond a small helper and introduce insecure defaults and broad system-level changes.
Install Mechanism
No formal install spec is provided in the registry, but SKILL.md recommends apt-get installs or running an official-looking Docker image (roundcube/roundcubemail). Using the official Roundcube image is reasonable, but the skill omits an explicit, auditable install spec and also relies on an undocumented third-party binary ('gog') at /usr/local/bin/gog for a custom interface.
[!] Credentials
The skill implicitly requires Gmail credentials or an app password and access to an agent Gmail account, but the registry lists no required env vars or primary credential. Requesting account passwords/app passwords and suggesting disabling security (less secure apps) is disproportionate and risky without explicit credential handling guidance (OAuth, secret store, or env vars).
Persistence & Privilege
The skill does not request always:true or any system-wide persistent privileges and does not claim to modify other skills. Persistence/privilege level appears normal.
What to consider before installing
This skill's instructions and the registry metadata don't match: SKILL.md expects Gmail credentials and a 'gog' CLI and tells you to install system packages, but the skill declares none of that. Before installing, ask the publisher to (1) explicitly declare required env vars/credentials (e.g., GMAIL_APP_PASSWORD or OAuth client), (2) explain how 'gog' is obtained and whether it's trusted, and (3) fix insecure defaults (do not set verify_peer=false, avoid suggesting 'less secure apps', and do not run Flask with debug=True in production). If you proceed, run Roundcube in a container behind HTTPS, store any credentials in a secrets manager or environment variables (not plaintext config files), prefer OAuth2/service accounts over app passwords, review the Docker image source (roundcube/roundcubemail) and the Gog CLI binary, and do not enable 'less secure apps'. If the publisher cannot provide a clear install spec and a trustworthy source for 'gog', treat this skill as risky and avoid installing it on production systems.

Like a lobster shell, security has layers — review code before you run it.

latest: vk9766201cqbrkmbd1wxw0ww1b584tjwz
