Agent Mailbox Light
Analysis
This is a coherent local-file mailbox skill; the main caution is that mailbox notes can persist, fan out to other local workspaces, and influence later agent context.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.
MAILBOX_GLOB="${MAILBOX_GLOB:-$HOME/.openclaw/workspace*}" ... for workspace in $MAILBOX_GLOB; do ... file="$inbox/$filename" ... } > "$file"The send helper fans out one message to every matching local workspace that has a mailbox inbox. This is disclosed and central to the skill, but a mistaken or misleading message can propagate across multiple workspaces.
archive="$workspace/.agent-mailbox/archive" ... find "$archive" -maxdepth 1 -type f -name '*.md' -mtime +"$days" -delete
The cleanup helper deletes old archived mailbox .md files under the selected workspace. This is scoped to the mailbox archive and aligns with the stated archive policy, but it is still a local file deletion capability.
Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.
Read only enough to determine relevance; Compress relevant mail into a very short working summary; ... Decide whether to ignore, use for this session, or adopt into memory
Mailbox files are intended to become agent context and may sometimes be distilled into longer-lived memory. The artifact also says they are advisory hints, which keeps this purpose-aligned but still worth noticing.