Email Auto Reply
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears benign and only manages local reply templates, but it stores those templates persistently and advertises some email-account features that the code does not implement.
This looks safe as a simple local reply-template manager. Before installing, note that it does not appear to actually connect to email accounts or send/CC mail, and any rules you add are stored locally in ~/.email_auto_reply.json.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users may expect a full email automation tool, but the artifacts show only a local template/rule helper.
The documentation advertises multi-account support and automatic CC, but the provided script only manages local keyword/reply rules and test output. This is a capability overstatement rather than evidence of unsafe behavior.
- 🔄 多账号支持 - ✅ 自动抄送
Treat this as a local rule manager unless future artifacts clearly show and document real email account integration.
Anything added as a reply rule can remain on the device and may be reused in future tests or replies.
The skill saves reply rules and template text in a persistent local JSON file for later reuse.
DATA_FILE = os.path.expanduser("~/.email_auto_reply.json")Avoid storing secrets or sensitive customer data in reply templates, and delete or inspect ~/.email_auto_reply.json when rules are no longer needed.