Security scan
OpenClaw
Suspicious
Medium confidence. The skill broadly matches its advertised purpose (Apple Mail automation) but contains several consistency and permission surprises: in particular an AppleScript file that the code references but that is missing from the bundle, a crontab installation that persists outside the agent, and high-privilege macOS Automation / Full Disk Access requirements that you need to review.
Assessment recommendations
Plain-language recommendations before installing:
- Confirm the missing AppleScript: the Python checker expects a get_unread_emails.scpt file (used to read unread Mail.app messages), but that .scpt file is not in the provided manifest. Ask the author or check the repository for the file; otherwise the checker will fail.
- Understand the permissions you must grant: setup.sh requires you to allow Terminal to control Mail.app and may request Full Disk Access when run under cron. This lets the scripts read and send email on your behalf; grant it only if you trust the machine/account for this purpose.
- Cron persistence: setup.sh installs a crontab entry so the checker runs on a schedule. If you prefer manual runs, decline the crontab installation and run the script by hand. If you do install the cron job, note that the skill keeps running even when you are not actively using the agent.
- LLM API key stored on disk: if you choose OpenAI or another remote LLM, the API key is stored in config/settings.json. Make sure that file is protected and kept out of source control, and rotate the key when you stop using the skill.
ℹ Purpose and capabilities
Name/description match the included code: the Python scripts use osascript to read Mail.app, score messages, draft replies, and send reports. The required binaries (python3, osascript) and Mail.app are appropriate for that. However, the code references a get_unread_emails.scpt AppleScript file used to fetch messages, and that .scpt is not present in the provided file manifest; if it is actually missing, the checker cannot fetch unread emails as described.
⚠ Instruction scope
SKILL.md and setup.sh instruct the user to grant Terminal permission to control Mail.app (Automation) and possibly Full Disk Access, and to install a cron job. Those are necessary for the stated functionality but are high-privilege actions: the scripts will read mailbox contents and send messages via Mail.app. The README/SKILL.md also expect OpenClaw to edit config/settings.json directly; that gives the agent write access to runtime config. The instructions are fairly specific (not open-ended), but they do expand the agent's operational surface to persistent, privileged automation.
✓ Installation mechanism
No external download/install spec is included; this is instruction-and-source bundled in the skill. The setup is local (setup.sh writes config and installs a crontab). There are no downloads from arbitrary URLs, package manager installs, or extract steps in the skill package — low install-mechanism risk.
ℹ Credential requirements
The registry metadata declares no required env vars. The interactive setup optionally requests an LLM API key (OpenAI or other) and stores it in config/settings.json (gitignored). Requesting API keys is proportionate to the LLM feature. Be aware the key is stored on disk in a file that the skill and any process with file access can read; OpenClaw edits that config as part of its integration, which could expose or change stored credentials.
⚠ Persistence and permissions
setup.sh (the provided installer) installs a cron job to run the checker on a schedule and instructs the user to grant Terminal Automation and Full Disk Access. That creates persistent background activity outside the immediate agent invocation and gives the scripts Mail.app automation rights. The skill metadata does not set always:true, but the installed cron job plus the automation permissions increase the blast radius; review and approve these system-level changes before proceeding.
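The four concerns raised in the recommendations and in the findings above (a referenced .scpt that is absent, crontab persistence, Automation / Full Disk Access prompts, and an LLM key on disk) can be checked before running setup.sh. The script below is an added example for this report, not code from the skill or from OpenClaw. It assumes the layout the report describes (setup.sh and SKILL.md at the bundle root, Python calling osascript with .scpt files, config/settings.json for the key); the regexes and the sample bundle it builds are constructed for illustration.

```python
import os
import re
import stat
import tempfile
from pathlib import Path

# Patterns are assumptions about how a skill bundle would express each item.
SCPT_REF = re.compile(r'["\']([\w./-]+\.scpt)["\']')
CRON_RE = re.compile(r"\bcrontab\b")
PRIV_RE = re.compile(r"Full Disk Access|tccutil|System Events|Automation", re.I)


def referenced_scpt_files(skill_dir):
    """Every *.scpt path string that the bundle's Python files mention."""
    refs = set()
    for py in Path(skill_dir).rglob("*.py"):
        refs.update(SCPT_REF.findall(py.read_text(errors="replace")))
    return refs


def gitignored(skill_dir, rel_path):
    """Crude .gitignore check: exact path, basename, parent dir or parent/* listed."""
    gi = Path(skill_dir) / ".gitignore"
    if not gi.exists():
        return False
    patterns = {
        line.strip().rstrip("/")
        for line in gi.read_text().splitlines()
        if line.strip() and not line.lstrip().startswith("#")
    }
    p = Path(rel_path)
    candidates = {rel_path, p.name, str(p.parent), f"{p.parent}/*"}
    return bool(patterns & candidates)


def audit_skill(skill_dir):
    skill_dir = Path(skill_dir)
    findings = {}

    # 1. AppleScript that the Python code loads must ship inside the bundle.
    missing = []
    for ref in referenced_scpt_files(skill_dir):
        if not (skill_dir / ref).exists() and not any(skill_dir.rglob(Path(ref).name)):
            missing.append(ref)
    findings["missing_scpt"] = sorted(missing)

    # 2. A crontab line in setup.sh means the checker keeps running after the agent exits.
    setup = skill_dir / "setup.sh"
    setup_text = setup.read_text(errors="replace") if setup.exists() else ""
    findings["installs_cron"] = bool(CRON_RE.search(setup_text))

    # 3. Installer or docs that steer the user toward Automation / Full Disk Access grants.
    texts = [setup_text] + [md.read_text(errors="replace") for md in skill_dir.glob("*.md")]
    findings["requests_privileged_tcc"] = any(PRIV_RE.search(t) for t in texts)

    # 4. The LLM key file must be git-ignored and readable by the owner only.
    cfg_rel = "config/settings.json"
    cfg = skill_dir / cfg_rel
    findings["secrets_file_gitignored"] = gitignored(skill_dir, cfg_rel)
    if cfg.exists():
        findings["secrets_file_mode_ok"] = (stat.S_IMODE(cfg.stat().st_mode) & 0o077) == 0
    else:
        findings["secrets_file_mode_ok"] = None  # not created until setup.sh has run
    return findings


def build_sample_bundle():
    """Constructed bundle reproducing the report's findings; not the real skill's files."""
    root = Path(tempfile.mkdtemp(prefix="skill-audit-"))
    (root / "config").mkdir()
    (root / "check_email.py").write_text(
        "import subprocess\n"
        'unread = subprocess.run(["osascript", "get_unread_emails.scpt"], capture_output=True)\n'
        'subprocess.run(["osascript", "send_report.scpt"])\n'
    )
    (root / "send_report.scpt").write_text('tell application "Mail" to activate\n')
    (root / "setup.sh").write_text(
        "#!/bin/sh\n"
        "echo 'Grant Terminal Automation access to Mail, and Full Disk Access if using cron'\n"
        '(crontab -l 2>/dev/null; echo "*/15 * * * * python3 $PWD/check_email.py") | crontab -\n'
    )
    (root / ".gitignore").write_text("config/settings.json\n")
    cfg = root / "config" / "settings.json"
    cfg.write_text('{"llm": "openai", "api_key": "sk-constructed-placeholder"}\n')
    os.chmod(cfg, 0o600)
    return root


def audit_sample():
    """Run the audit against the constructed bundle."""
    return audit_skill(build_sample_bundle())


if __name__ == "__main__":
    for key, value in audit_sample().items():
        print(f"{key}: {value}")
```

Against the constructed bundle the audit reports get_unread_emails.scpt as missing while send_report.scpt is found, flags the crontab install and the Automation / Full Disk Access wording, and confirms that the key file is git-ignored with owner-only permissions. Point `audit_skill` at the real bundle directory before running its setup.sh to get the same answers for the actual files.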
Security is layered; review the code before running it.
Runtime dependencies
🖥️ OS: macOS
Version
latest v1.1.1 (2026/3/20)
- Update README.md and SKILL.md for clarity and consistency.
- Refresh the metadata and configuration details in _meta.json.
- Adjust setup.sh to match the documentation updates.
● Suspicious
Install command
Official: npx clawhub@latest install email-checker-by-entzai
Mirror: npx clawhub@latest install email-checker-by-entzai --registry https://cn.clawhub-mirror.com
Skill documentation
Automated Apple Mail assistant
... (original Markdown content retained untranslated)
Data source: ClawHub · Chinese localization: 龙虾技能库