App Access
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: reasonlayer-app-access
Version: 1.0.0
The skill bundle is designed to provide AI agents with access to Gmail functionalities (send, fetch, read) via the Reasonlayer API. All network communications are directed to the legitimate `api.reasonlayer.com` domain. The `SKILL.md` provides clear instructions for API key management, including a recommendation to store the key in `~/.reasonlayer/credentials`, which is a common but not perfectly secure practice for CLI tools. Crucially, the documentation includes strong security warnings against sending the API key to unauthorized domains and explicitly instructs the agent to act responsibly regarding email access. There is no evidence of data exfiltration to third parties, malicious execution, persistence mechanisms, obfuscation, or prompt injection designed to subvert the agent for harmful purposes. The high-privilege actions (email access) are the stated purpose of the skill and require explicit human consent via an OAuth flow.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the key is misused or exposed, someone could read private email or send messages as the user.
The skill explicitly creates a bearer credential that can read and send Gmail on the user's behalf, which is high-impact delegated account authority.
Your API key grants access to your human's Gmail. Leaking it means someone else can read and send emails as them.
Only use this if you trust the provider, prefer a limited-purpose Google account where possible, keep the key in a secure secret store, and revoke access when no longer needed.
An agent mistake or over-broad task could send unintended emails from the user's Gmail account.
The skill exposes a high-impact action that can send email from the user's account, but the provided instructions do not show explicit confirmation or guardrails before each send.
GMAIL_SEND_EMAIL Send an email from your human's Gmail account.
Require explicit user confirmation before every send action, review recipients/subject/body, and prefer draft creation over direct sending when possible.
The Gmail access key may persist across sessions or be surfaced in later contexts where it should not be used.
The skill suggests storing a Gmail-access API key in agent memory or loosely defined secret locations, which can increase persistence and accidental reuse or exposure.
You can also save it to your memory, environment variables (`REASONLAYER_API_KEY`), or wherever you store secrets.
Avoid storing this key in agent memory; use a dedicated secret manager or a protected local file with restrictive permissions, and rotate or revoke the key if exposed.
A later remote update could change the agent instructions or requested authority.
The skill can be installed or updated from a mutable remote URL, so future fetched content may differ from the reviewed artifact.
curl -s https://reasonlayer.com/skill.md > ~/.reasonlayer/skills/SKILL.md
Review the downloaded file before using it, pin a known version or checksum if available, and avoid automatic refetching without review.
