Fastmail Suite
Pass. Audited by ClawScan on May 1, 2026.
Overview
This appears to be a coherent Fastmail helper, but it uses real Fastmail credentials and can change mail or calendar data if you deliberately enable writes.
Install only if you want the agent to access your Fastmail account. Start with read-only tokens, leave FASTMAIL_ENABLE_WRITES disabled unless you are intentionally sending or changing events, and remember that redaction is best-effort rather than complete privacy protection.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing and configuring this skill may let the agent read private Fastmail email, contacts, and calendar information.
The skill requires real Fastmail credentials that can access email, contacts, and calendar data. This is expected for the integration, but it is sensitive account authority.
FASTMAIL_TOKEN: required: true ... Fastmail JMAP API token (Mail + Contacts scopes) ... FASTMAIL_CALDAV_PASS ... Fastmail CalDAV app password used for calendar access.
Use least-privilege/read-only Fastmail tokens for normal use, use a dedicated CalDAV app password, and revoke tokens when no longer needed.
If writes are enabled, an agent could send email or modify calendar events using the configured Fastmail account.
The skill exposes account-changing operations, but documents that writes are disabled unless the user sets an explicit environment flag.
only when explicitly enabled) send email and create/reschedule/cancel calendar events ... Writes are OFF by default ... unless FASTMAIL_ENABLE_WRITES=1
Keep FASTMAIL_ENABLE_WRITES unset for normal use; enable it only for a specific task, prefer a separate send token, and review recipients/event changes before allowing write commands.
A malicious email could try to influence the agent if the agent treats email text as instructions rather than data.
The skill can place email body content into the agent-visible output. Incoming email is untrusted content and could contain instructions aimed at the agent.
"fetchTextBodyValues": True, "fetchHTMLBodyValues": True ... print(body)
Treat message bodies, subjects, and contact/calendar text as untrusted data; do not let retrieved email content override the user's actual request.
Users should not assume default redaction removes all private information from outputs.
The implementation describes redaction as best-effort and mainly masks email addresses and phone-like numbers, so other sensitive subject/body/contact/calendar details may still appear.
"""Best-effort redaction for display/logging (emails, phone-ish numbers)."""
Avoid using --raw unless necessary, and review outputs before sharing them outside the local agent session.
