imap-smtp-email

Name: imap-smtp-email
Rating: 65 (1 reviews)
Author: gzlicanyi

Medium · 65 Score: 65/100

by gzlicanyi | Audited: 2026-02-05T09:18:25.242Z | Ruleset: 0.1.0

Quick Install

Add this skill to your agent

clawhub install imap-smtp-email

GitHub ClawHub

About This Skill

Read and send email via IMAP/SMTP. Check for new/unread messages, fetch content, search mailboxes, mark as read/unread, and send emails with attachments. Works with any IMAP/SMTP server including Gma…

✨ Use authorization code (授权码), not account password

✨ Enable IMAP/SMTP in web settings first

✨ --limit <n>: Max results (default: 10)

✨ --mailbox <name>: Mailbox to check (default: INBOX)

✨ --recent <time>: Only show emails from last X time (e.g., 30m, 2h, 7d)

✨ --mailbox <name>: Mailbox (default: INBOX)

✨ --dir <path>: Output directory (default: current directory)

✨ --to <email>: Recipient (comma-separated for multiple)

Use Cases

1 --file <filename>: Download only the specified attachment (default: download all)

2 For Gmail: use App Password if 2FA is enabled

3 Verify server is running and accessible

4 Verify username (usually full email address)

5 For Gmail: use App Password if 2FA enabled

Security Audit

Medium · 65

Summary

Risk Profile

Open on GitHub Repo Root ClawHub Report / Appeal

Key Risks 0 items

No LLM risk bullets (LLM disabled or not cached).

Deterministic Findings (Evidence)

Rule	Severity	File	Snippet
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/imap.js Line 23	const DEFAULT_MAILBOX = process.env.IMAP_MAILBOX \|\| 'INBOX';
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/imap.js Line 50	user: process.env.IMAP_USER,
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/imap.js Line 51	password: process.env.IMAP_PASS,
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/imap.js Line 52	host: process.env.IMAP_HOST \|\| '127.0.0.1',
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/imap.js Line 53	port: parseInt(process.env.IMAP_PORT) \|\| 1143,
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/imap.js Line 54	tls: process.env.IMAP_TLS === 'true',
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/imap.js Line 56	rejectUnauthorized: process.env.IMAP_REJECT_UNAUTHORIZED !== 'false',
NET_HTTP_REQUEST	medium	skills/gzlicanyi/imap-smtp-email/scripts/imap.js Line 121	const fetch = imap.fetch(results, fetchOptions);
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/smtp.js Line 38	host: process.env.SMTP_HOST,
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/smtp.js Line 39	port: parseInt(process.env.SMTP_PORT) \|\| 587,
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/smtp.js Line 40	secure: process.env.SMTP_SECURE === 'true', // true for 465, false for other ports
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/smtp.js Line 42	user: process.env.SMTP_USER,
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/smtp.js Line 43	pass: process.env.SMTP_PASS,
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/smtp.js Line 46	rejectUnauthorized: process.env.SMTP_REJECT_UNAUTHORIZED !== 'false',
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/smtp.js Line 70	from: options.from \|\| process.env.SMTP_FROM \|\| process.env.SMTP_USER,
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/smtp.js Line 125	from: process.env.SMTP_FROM \|\| process.env.SMTP_USER,
SENSITIVE_ENV	medium	skills/gzlicanyi/imap-smtp-email/scripts/smtp.js Line 126	to: process.env.SMTP_USER, // Send to self
QUALITY_README_PRESENT	low	README Line n/a	README detected

Explore More Skills

byterover Low · 93

by byteroverinc

moltbook-interact Low · 94

by LunarCmd

nano-pdf Low · 93

by steipete