Ai Intelligent Email Automation
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If used without strong controls, the agent could send many emails, reply on the user's behalf, or track recipients in ways that damage account reputation or create privacy/compliance issues.
The skill advertises bulk outbound email, automatic replies, and recipient tracking, but the artifacts do not define approval gates, recipient limits, opt-out handling, or review before sending.
- 批量发送(邮件群发) - 自动回复(智能回复) - 邮件追踪(已读/点击)
Require explicit user confirmation before any send or auto-reply, define allowed recipient lists and rate limits, and document consent/unsubscribe and tracking rules.
Users may not realize the skill needs access to send and read email from their account, and the reviewed artifacts do not clarify which account privileges are required.
SMTP/IMAP email automation normally requires mailbox credentials or delegated email access, but the registry metadata does not declare any credential, environment variable, or config requirement.
SKILL.md: "- SMTP/IMAP"; metadata: "Required env vars: none" and "Primary credential: none"
Declare the required email credential mechanism, use least-privilege account access where possible, and clearly state what mailboxes, folders, and send permissions the skill may use.
Installing the skill may execute code that was not reviewed here, potentially with access to email credentials and mailbox data.
The reviewed package contains no code files or install spec, yet instructs users to fetch and run external code and dependencies that were not included for review or pinned to a specific commit.
git clone https://github.com/openclaw-skills/ai-intelligent-email-automation cd ai-intelligent-email-automation pip install -r requirements.txt python app.py
Include the runnable source in the reviewed package or pin the external repository to a trusted commit, publish dependency locks, and make the install mechanism explicit in metadata.
Private inbox contents could be exposed to the automation workflow if the user grants mailbox access.
Receiving, analyzing, and classifying email is purpose-aligned for this skill, but it means private email content may be processed as agent context.
邮件自动化,发送/接收/分析。 ... - 邮件分类(自动分类)
Use only accounts and folders intended for automation, exclude sensitive mailboxes, and document whether analyzed email content is stored, summarized, or reused.