read-no-evil-mcp

The OpenClaw skill 'read-no-evil-mcp' is designed to provide secure email access with built-in prompt injection protection. The `SKILL.md` explicitly instructs the AI agent to avoid sensitive actions like displaying configuration details (`setup-config.py show`) without user confirmation, demonstrating a strong awareness of prompt injection risks against the agent itself. The `scripts/setup-server.sh` and `scripts/setup-config.py` handle Docker setup and configuration file management responsibly, including controlled handling of `.env` files for credentials and read-only mounting of config files into Docker containers. There is no evidence of intentional malicious behavior such as data exfiltration, unauthorized persistence, or arbitrary command execution beyond the skill's stated purpose.