Qq Email Watcher
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill mostly implements the advertised email-watcher behavior but contains hard-coded credentials and a default QQ target that would forward your emails to a third party if you run it without careful modification — this is a serious privacy/exfiltration risk.
Do not run this script without reviewing and changing its configuration. Specifically:
1) Remove or replace the hard-coded EMAIL and AUTH_CODE in scripts/email_watcher.py before running. The included values appear to be real and would allow whoever owns them to receive your emails.
2) Change QQ_TARGET to your own OpenID (and verify it). Otherwise notifications (including potentially sensitive contents or OTPs) will be sent to that default target.
3) Prefer storing credentials in a protected config file or environment variables (and update the code) instead of hard-coding.
4) Inspect what 'openclaw message send' and 'openclaw agent' do in your environment (where they send data) before enabling AI summarization or message forwarding.
5) Run initial tests in an isolated account or sandbox with non-sensitive emails.
6) Ensure whitelist/processed files are placed in a secure location with proper file permissions.
If you are not comfortable auditing the code or removing the defaults, do not install or run this skill.
SkillSpector
SkillSpector findings are pending for this release.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
No VirusTotal findings
