imap-smtp-email

Multi-account support and config improvements: - Added support for multiple email accounts via prefixing in config (e.g., WORK_IMAP_HOST). - Introduced a shared config file at `~/.config/imap-smtp-email/.env` that persists across updates. - New setup process: configure and manage accounts using `setup.sh`. - All commands can now use `--account <name>` to specify which account to use. - New commands to list all configured accounts. - Added file access whitelisting for security (ALLOWED_READ_DIRS/ALLOWED_WRITE_DIRS).

OpenClaw analysis

The skill’s code, instructions, and requirements align with its stated purpose (IMAP/SMTP email access); it stores credentials locally and enforces a file-access whitelist—no signs of hidden exfiltration or unrelated privileges.

Confidence: high

VirusTotal

Type: OpenClaw Skill Name: imap-smtp-email Version: 0.0.10 The imap-smtp-email skill provides legitimate email management functionality with proactive security measures. It implements path validation for file reads and writes (scripts/imap.js and scripts/smtp.js) using a whitelist defined in the configuration, preventing unauthorized file access. Credentials are stored in the user's home directory with restricted permissions (600), and the setup script (setup.sh) follows standard practices for configuring third-party email providers like Gmail and 163.com.