Agent Mailbox Light
v1.0.1Lightweight cross-agent mailbox using per-workspace file inboxes with best-effort fanout and local read/archive flow. Use when you want a middle layer betwee...
⭐ 0· 84·0 current·0 all-time
byMeng Yang@yangmeng6666
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name, description, SKILL.md, and included scripts (init, list, send, archive, cleanup) all consistently implement a local file-based mailbox. There are no unrelated credentials, binaries, or install steps requested.
Instruction Scope
SKILL.md narrowly instructs agents to look only in a workspace-local .agent-mailbox/inbox, to read only a few newest mails, to archive after processing, and to avoid automatic execution or rebroadcast. The included scripts only list, create, move, and delete files in those local directories and do not perform network calls or read unrelated system files.
Install Mechanism
There is no install spec and the skill ships small shell scripts. Nothing is downloaded from external URLs and no archives are extracted — this is low-risk from an install perspective.
Credentials
No credentials or sensitive env vars are requested. Optional env vars (MAILBOX_GLOB, SENDER, PRIORITY, SLUG, TITLE, TAGS, SELF_WORKSPACE) are proportional. Minor note: SLUG is sanitized but SENDER is not sanitized before being embedded into filenames; avoid using untrusted input for SENDER to prevent unexpected file paths/structure within inboxes.
Persistence & Privilege
The skill does not request 'always' persistence, does not alter other skills' configs, and only performs local mailbox file operations. Autonomous invocation being allowed is the platform default and not a unique risk here.
Assessment
This skill appears to do exactly what it claims: provide a local, file-based mailbox between agent workspaces. Before installing, consider these practical points: (1) ensure MAILBOX_GLOB is pointed only at directories you control (avoid wildcards that include home or system directories); (2) do not send secrets or large documents through this mailbox; (3) prefer sanitized SENDER/SLUG values — the provided SLUG sanitation is good, but SENDER is used as-is in filenames, so treat SENDER as trusted or sanitize it yourself; (4) keep agents from automatically executing mailbox contents — treat items as advisory only; (5) restrict filesystem permissions on workspace directories so a compromised agent cannot broadly modify other users' files. If you need networked delivery, retries, or guaranteed delivery, this skill intentionally does not provide those; choose a different tool for those requirements.Like a lobster shell, security has layers — review code before you run it.
latestvk975b7v0rerrv84ynh4ymar3sd83dpf8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.