Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Mail Schedule (邮件日程)

v1.0.0

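Retrieves emails in a specified range from the macOS Mail app, automatically extracts event times, and creates reminders 2 hours before each event.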

0· 59·1 current·1 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (read Mail and create reminders) match what the scripts do: fetch_emails.sh reads the macOS Mail Envelope Index and create_reminders.py extracts times and calls a reminders CLI. This capability is coherent with the stated purpose. However, the skill metadata declared no required config paths or credentials even though the scripts explicitly read a sensitive local file (~/Library/Mail/V10/MailData/Envelope Index) and depend on a third‑party CLI—an omission worth flagging.
! Instruction Scope
SKILL.md and scripts instruct the agent to directly read the user's Mail database at the Envelope Index path and run local commands. The code accesses ~/Library/Mail/V10/MailData/Envelope Index (sensitive mailbox data) but the registry metadata did not declare that config path. The instructions are otherwise scoped to the stated task and do not attempt network exfiltration, but the implicit requirement to read a private mailbox file is a privacy/security concern and should be explicit in metadata and user consent.
! Install Mechanism
There is no automated install spec (instruction-only), which reduces installer risk. However, SKILL.md recommends installing 'remindctl' from a third‑party brew tap (steipete/tap/remindctl). Installing software from a non-official tap carries moderate risk, since the skill will rely on that external package. The remaining dependencies (Python3, sqlite3) are standard for macOS.
Credentials
The skill requests no environment variables or credentials, which is proportionate. It purely uses local filesystem access to the Mail DB and a local CLI. No unexpected API keys or external secrets are requested.
Persistence & Privilege
always is false and the skill does not request persistent/autostart privileges or modify other skills. It runs on demand and invokes local commands; no elevated platform privileges are requested in the metadata.
What to consider before installing
This skill will read your local macOS Mail database (~/Library/Mail/…/Envelope Index) and create reminders using a local CLI. Before installing or running it: (1) confirm you are comfortable allowing any script to read your Mail DB and understand macOS privacy prompts; (2) review the two included scripts locally to verify they do only what you expect (they do not perform network calls, but they do read mail content and call a local CLI); (3) be cautious installing 'remindctl' from the steipete tap: prefer official packages or inspect that tap first; (4) note that the metadata omitted the Mail DB path requirement and may assume a specific Mail version (V10), so check the path on your machine; (5) consider running the fetch script with a safe range (e.g., all -> LIMIT 50) and inspect the output before piping it into the reminder-creation script. If you want to proceed, run everything locally and not as an automated/unattended skill until you’ve validated its behavior.

Like a lobster shell, security has layers — review code before you run it.

latestvk97f28zdd2djy6pc48pqy05x7983yncw
