Skill v1.0.0

ClawScan security

Ai Email No Human Interaction Needed · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 14, 2026, 12:37 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's instructions and requirements are internally consistent with its stated purpose (creating receive-only mailboxes and extracting verification codes), but it is an instruction-only integration that talks to an external service of unknown provenance, so you should review policy and trust implications before using it.
Guidance
This skill appears coherent: it simply documents how to use an external receive-only email service API to create mailboxes and extract OTPs. Before installing, consider:
1) Trust and privacy — the external provider will receive and store verification emails and codes, so verify their reputation, privacy policy, data retention, and security.
2) Legal/ethical/TOS risk — automating account creation and harvesting verification codes can violate target services' terms and may be considered abusive behavior; ensure use cases are permitted.
3) Operational risk — because the skill instructs network calls to a third-party domain of unknown provenance, avoid using it with accounts or services you care about; test in an isolated environment.
4) Audit and monitoring — if you enable this skill in a shared/enterprise agent, log and monitor its API key usage to detect misuse.
If you need higher assurance, ask the publisher for a homepage, privacy policy, and security attestations before relying on it.

Review Dimensions

Purpose & Capability
ok: The name and description (receive-only AI email addresses for signups/OTP extraction) match the runtime instructions, which exclusively describe creating API keys/mailboxes and reading messages from https://aiemailservice.com. There are no unrelated credentials, binaries, or installs requested.
Instruction Scope
note: The SKILL.md stays within the declared purpose: it instructs the agent to call the provider's endpoints to create mailboxes, long-poll for mail, and extract codes. It does not instruct reading local files, other env vars, or system state. Note: this gives the agent the ability to automate account creation and automatically capture verification codes — behavior that is powerful and could be abused or violate target services' terms of service.
Install Mechanism
ok: Instruction-only skill with no install spec or code files. This minimizes disk/write/install risk; nothing is downloaded or executed by the skill itself.
Credentials
ok: No environment variables, credentials, or config paths are requested by the skill. All authentication is described as managed by API keys created via the external service endpoints — consistent with the described functionality.
Persistence & Privilege
ok: The skill is not marked always:true and does not ask to modify other skills or system-wide settings. It would run only when invoked (or when the agent chooses to call it under normal autonomous invocation rules).