Security scan
OpenClaw
Suspicious
high confidence
Assessment recommendations
What to consider before installing:
- The script does send email via SMTP using credentials stored in smtp-config.json next to the skill; those credentials are plaintext in that file. Consider storing SMTP credentials in a secret manager or environment variables rather than a repo file.
- SKILL.md promises markdown-to-HTML conversion, retry logic, and logging — none of these are implemented. If you need those features, review and update the code (add a markdown library, add retry/error-handling ...
⚠ Purpose and capabilities
Name/description (SMTP email sender) aligns with the included Python script which sends email via SMTP. However the SKILL.md and description claim additional capabilities — markdown -> HTML conversion, retry logic, and logging — that are not present in the code. That mismatch indicates the documentation overstates functionality.
⚠ Instruction scope
SKILL.md instructs running the included script and points to a local smtp-config.json for credentials, which matches the code's CONFIG_PATH (script directory). But the doc promises automatic markdown conversion, retries and logging which the script does not perform. The script will read any files passed as attachments or body_file and will send them via the configured SMTP server; if invoked autonomously or with user-supplied paths this could be used to exfiltrate files. The usage examples assume the config file is stored alongside the skill and recommend chmod 600, which is reasonable, but there's no built-in secret protection or validation of attachments.
✓ Installation mechanism
No install spec — instruction-only with a small Python script. Nothing is downloaded or written to disk by an installer. This is the lowest install risk.
ℹ Credential requirements
The skill requests no environment variables. SMTP credentials are expected in a local smtp-config.json file (username/password in plaintext). That is proportionate to sending mail but has security implications: secrets are stored in cleartext within the skill directory instead of a secret store or env var. No unrelated credentials are requested.
✓ Persistence and permissions
always:false and default agent-invocation behavior. The skill does not request persistent system-wide privileges or modify other skills. The main risk relates to what the script can send if invoked autonomously (it can read and attach arbitrary file paths passed to it).
Security is layered; review the code before running.
Runtime dependencies
No special dependencies
Version
latest: v1.0.2 (2026/2/28)
● Suspicious
Install command
Official: npx clawhub@latest install smtp-sender
Mirror (accelerated): npx clawhub@latest install smtp-sender --registry https://cn.longxiaskill.com