Sog
Review
Audited by ClawScan on May 10, 2026.
Overview
Prompt-injection indicators were detected in the submitted artifacts (unicode-control-chars); human review is required before treating this skill as clean.
Before installing, make sure you are comfortable letting the agent operate the configured mail/calendar/contact/task/WebDAV account. Use app-specific passwords where possible, avoid `--force`, `--no-input`, `--insecure`, and `--no-tls` unless you understand the impact, and require review before any send, delete, upload, move, or bulk action. ClawScan detected prompt-injection indicators (unicode-control-chars), so this skill requires review even though the model response was benign.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could send email, change calendars/contacts/tasks, or delete remote files on the configured account.
The skill exposes commands that can send messages and mutate or delete remote account data. This matches the stated CLI purpose, but these operations can have real user impact if invoked without clear user intent.
sog mail send ...; sog mail delete <uid>; sog cal delete <uid>; sog contacts delete <uid>; sog drive delete <path>
Use it only for accounts you intend the agent to manage, and require explicit user confirmation before sending, deleting, moving, uploading, or bulk-changing data.
Anyone or any agent able to use the configured `sog` account can read and modify mail, calendars, contacts, tasks, and WebDAV files allowed by those credentials.
The skill stores and uses provider account passwords across several protocols. This is expected for IMAP/SMTP/DAV access, but it grants broad delegated access to the user's account data.
--password Password (stored in keychain); sog auth password <email> --imap, --smtp, --caldav, --carddav, --webdav
Prefer provider app-specific passwords with the narrowest available scope, protect the local keychain/config, and remove accounts when no longer needed.
Using `--insecure` or `--no-tls` could weaken protection for account login and data transfer.
The CLI supports optional insecure transport modes. They are not default, but if used they could expose account credentials or data to network interception.
Insecure bool `help:"Skip TLS certificate verification"`; NoTLS bool `help:"Disable TLS (plain text connection)" name:"no-tls"`
Avoid these flags unless connecting to a trusted test server; use normal TLS for real accounts.
A later install may fetch a different version than the one reviewed here.
Installing with `@latest` is common for Go tools, but it is unpinned, so future upstream changes could differ from the reviewed artifact version.
go | package: github.com/visionik/sogcli/cmd/sog@latest | creates binaries: sog
Pin to a trusted tag or commit when reproducibility matters, and install from the expected GitHub repository.
