Weekly Report Email

Audited by ClawScan on May 10, 2026.

Overview

The skill matches its stated purpose of collecting and emailing a weekly report, but it requires local SMTP credentials and can send email from the user’s account after confirmation.

Install only if you trust the publisher with a tool that can send email from your account. Use an app-specific SMTP authorization code, review the generated preview and recipient list before confirming, and avoid including passwords or highly sensitive information in the weekly report.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone or any process that can read this .env file may be able to use the configured mailbox, depending on the SMTP credential’s scope.

Why it was flagged

The setup helper persists the SMTP password or authorization code and sender identity in a local .env file, giving the skill delegated ability to authenticate to the mail account.

Skill content

SMTP_PASS=${smtpPass}
SMTP_FROM=${smtpFrom}
`;
    fs.writeFileSync(envPath, envContent, 'utf-8');

Recommendation

Use an app-specific SMTP authorization code rather than a main mailbox password, restrict file access, and rotate the credential if you uninstall or stop using the skill.

What this means

A mistaken confirmation or wrong recipient configuration could send business report contents to unintended people.

Why it was flagged

The skill can send an HTML email to configured recipients and optional CC addresses through nodemailer.

Skill content

const mailOptions = {
      from: from,
      to: recipient,
      subject: subject,
      html: html
    };

    const info = await transporter.sendMail(mailOptions);

Recommendation

Check the preview, recipient, and CC list carefully before confirming each send.

What this means

This adds an undeclared local command dependency and a small execution surface, though the shown command is narrowly scoped.

Why it was flagged

The code executes a local python3 command to compute the ISO week number. The input shown is generated from the current date, not from user text.

Skill content

const { execSync } = require('child_process');
  const dateStr = shanghaiTime.toISOString().split('T')[0];
  const isoWeekNumber = parseInt(execSync(`python3 -c "from datetime import datetime; d = datetime.fromisoformat('${dateStr}'); print(d.isocalendar()[1])"`, { encoding: 'utf-8' }).trim());

Recommendation

Prefer a JavaScript ISO-week implementation or declare the python3 requirement so users know what will run.

What this means

The temporary file may contain private project, business, or personnel information while it exists.

Why it was flagged

The workflow writes the collected weekly report to a local memory file before sending, and states it should be deleted afterward.

Skill content

Write all of the content to the `memory/weekly-report-YYYYMMDD.md` file

**Note:** This is a temporary file; it is automatically deleted after the email is sent and is not retained.

Recommendation

Avoid putting secrets in the report, and verify cleanup if the workflow is interrupted before sending.