Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Only read email

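A read-only email assistant that reads mail from any mailbox (163, QQ, Gmail, Outlook, and others) over the POP3 protocol. Supports: querying the total number of messages, fetching the subject list of the most recent messages, reading full message content (body + attachment information), reading a specific message by index, and searching message subjects by keyword. When the user asks "check my email for me", "read my mailbox", "is there any XX in my email", "what mail has arrived recently", "check...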

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 39 · 0 current installs · 0 all-time installs
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description align with the included Python script: it connects to arbitrary POP3 servers and reads message headers/bodies. Nothing in the code attempts unrelated cloud or system access; functionality is coherent with an email reader.
Instruction Scope (flagged)
SKILL.md explicitly instructs the agent to prompt users for email account and authorization code and to run the local script. It also recommends writing credentials into environment variables and shows an example using `gateway config.patch` to place EMAIL_USER/EMAIL_PASS into global agent config — this expands scope beyond ephemeral use and instructs persistent storage of secrets in the agent environment.
Install Mechanism
No install spec and no external downloads; this is instruction-only plus a shipped Python script. That minimizes supply-chain risk because nothing is fetched at install time.
Credentials (flagged)
The skill requires sensitive credentials (email username and password/app-specific auth code) to operate — that is expected — but the registry metadata declares no required env vars or primary credential, which is inconsistent with SKILL.md and the script (which reads EMAIL_USER, EMAIL_PASS, POP3_SERVER, POP3_PORT and .email_config). The recommendation to persist these into global config increases risk of long-lived secret exposure.
Persistence & Privilege (flagged)
The skill itself does not set always:true and has no install steps, but SKILL.md recommends using `gateway config.patch` to store credentials in global env. That action would grant persistent access to those secrets across agent runs; the skill's own files (.email_config) can also contain plaintext credentials if used. The code does not autonomously exfiltrate data, but persistence of credentials via global config increases potential blast radius.
What to consider before installing
This tool is a straightforward POP3 read-only email client, but it needs your email address and an app/POP3 password to work. Before installing: (1) do not blindly put EMAIL_PASS into a global agent config — prefer passing credentials at runtime or store them locally in a file with strict permissions (600); (2) prefer app-specific passwords or authorization codes (not your main account password); (3) review the included script yourself (it is small and readable) and run it locally rather than granting it persistent global environment access; (4) avoid using `gateway config.patch` to store secrets globally unless you understand and accept that those secrets will be available to the agent on every run; (5) verify the skill's origin before giving it credentials — the registry metadata lacks a homepage and does not declare required env vars, which is an inconsistency. If you want lower risk, run the script locally and supply credentials on the command line or via a protected .email_config file that you control.

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.0
latest vk970fse3p7dnzxxzvj24rv1qdd83jywg


SKILL.md

Email Reader

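Reads mailboxes in read-only mode over POP3 with SSL and supports any standard POP3 mailbox. All operations are read-only; no messages are deleted or modified.

Core script

scripts/email_reader.py: entry point for all features; outputs JSON.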

# Get the total message count
python3 scripts/email_reader.py count

# Subjects of the 10 most recent messages (headers only, fast)
python3 scripts/email_reader.py subjects --n 10

# Full content of the 5 most recent messages (including body)
python3 scripts/email_reader.py list --n 5

# Read a specific message by index
python3 scripts/email_reader.py read --index 42

# Search the 100 most recent messages for subjects containing a keyword
python3 scripts/email_reader.py search --keyword 验证码 --range 100

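Configuration (three priority levels; a higher priority overrides a lower one)

Method 1: Command-line arguments (highest priority, suited to ad hoc testing)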

python3 scripts/email_reader.py \
  --user your@163.com \
  --pass_ YOUR_AUTH_CODE \
  --server pop.163.com \
  --port 995 \
  subjects --n 5

Method 2: Environment variables (recommended, safe and reliable)

export EMAIL_USER="your@163.com"
export EMAIL_PASS="YOUR_AUTH_CODE"
export POP3_SERVER="pop.163.com"
export POP3_PORT="995"
python3 scripts/email_reader.py subjects --n 5

In OpenClaw, the environment variables can be written into the global configuration via gateway config.patch:

{
  "env": {
    "EMAIL_USER": "your@163.com",
    "EMAIL_PASS": "YOUR_AUTH_CODE",
    "POP3_SERVER": "pop.163.com",
    "POP3_PORT": "995"
  }
}

Method 3: .email_config file (suited to local use; committing it to version control is not recommended)

Create .email_config in the scripts/ directory

[email]
user   = your@163.com
pass_  = YOUR_AUTH_CODE
server = pop.163.com
port   = 995

⚠️ Security reminder: .email_config contains a plaintext password. Make sure the file permissions are 600 and add the file to .gitignore.
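The three-layer precedence and the 600 requirement above can be enforced in code rather than left to the user. The following is an added example, not the skill's own email_reader.py: the function names are hypothetical, the key and variable names are the ones SKILL.md lists, and pop.example.test is a constructed value.

```python
import configparser
import os
import stat
import tempfile

# Config keys and environment variable names as listed in SKILL.md.
KEYS = {"user": "EMAIL_USER", "pass_": "EMAIL_PASS",
        "server": "POP3_SERVER", "port": "POP3_PORT"}

def read_config_file(path):
    """Return the [email] section; refuse files open to group/other."""
    if not os.path.lexists(path):
        return {}
    st = os.lstat(path)  # lstat: a symlink is judged as itself, not its target
    if not stat.S_ISREG(st.st_mode) or st.st_mode & 0o077:
        raise PermissionError(f"{path}: must be a regular file with mode 600")
    parser = configparser.ConfigParser(interpolation=None)  # '%' is literal
    parser.read(path, encoding="utf-8")
    return dict(parser["email"]) if parser.has_section("email") else {}

def resolve(cli, env, path):
    """Merge the layers: command line > environment > .email_config."""
    file_cfg = read_config_file(path)  # checked even if higher layers win
    merged = {}
    for key, env_name in KEYS.items():
        value = cli.get(key) or env.get(env_name) or file_cfg.get(key)
        if value is not None:
            merged[key] = value
    return merged

def redact(cfg):
    """Copy of cfg that is safe to log or return to an agent."""
    return {k: ("***" if k == "pass_" else v) for k, v in cfg.items()}

def demo():
    """Constructed sample: a 600 file is accepted, a 644 file is rejected."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, ".email_config")
        with open(path, "w", encoding="utf-8") as f:
            f.write("[email]\nuser = your@163.com\npass_ = YOUR_AUTH_CODE\n"
                    "server = pop.163.com\nport = 995\n")
        os.chmod(path, 0o600)
        ok = resolve({"port": "1995"}, {"POP3_SERVER": "pop.example.test"}, path)
        os.chmod(path, 0o644)
        try:
            resolve({}, {}, path)
        except PermissionError:
            return redact(ok), True
        return redact(ok), False
```

The permission check applies to POSIX file modes; on Windows an ACL check would be needed instead.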

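Mail server configuration

For each provider's POP3 server address and how to obtain an authorization code, see references/providers.md

163 Mail quick setup

  • Server: pop.163.com, Port: 995
  • Use an authorization code rather than the login password (Mailbox settings → POP3/SMTP → Enable → Get authorization code)

Workflow

  1. First ask the user for their email account, authorization code (password), and mailbox type
  2. Look up references/providers.md by mailbox type to confirm the server address
  3. Decide on the configuration method (environment variables recommended) and complete the configuration
  4. Run the script, parse the JSON output, and reply to the user in natural language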

Output format

The script always outputs JSON; the agent parses it and replies to the user in natural language. Example:

{
  "total": 523,
  "emails": [
    {
      "index": 523,
      "subject": "【网易】您的账户安全提醒",
      "from": "noreply@163.com",
      "date": "2026-03-25 10:30:00"
    }
  ]
}

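Notes

  • A slow first connection is normal (POP3 has to download messages in full)
  • The subjects subcommand fetches only headers and is much faster than list; use it to browse first and then read in depth
  • Message index starts at 1; the larger the number, the newer the message
  • When the body is very long, it is recommended to show only the first 2000 characters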

Files

3 total