← Back to Skills Marketplace
ProtonMail via Proton Mail Bridge
by
Jim Staley, CISSP
· GitHub ↗
· v1.0.1
· MIT-0
809
Downloads
1
Stars
0
Active Installs
4
Versions
Install in OpenClaw
/install openclaw-protonmail
Description
ProtonMail integration via Proton Mail Bridge for reading and sending encrypted emails.
Usage Guidance
This skill appears to do what it says: it connects to a local Proton Mail Bridge using the Bridge-generated credentials. Before installing, consider the following: 1) Avoid storing the Bridge password in plain text if possible — prefer OS keychain/password manager or ensure ~/.openclaw/openclaw.json is strictly permissioned (chmod 600). 2) Be aware OpenClaw session logs/tool calls can contain email text; protect your workspace and access to your machine. 3) Verify you install Proton Mail Bridge from the official source (Homebrew cask or Proton's site). 4) Review the skill source if you want extra assurance (it uses local IMAP/SMTP only; no external endpoints). 5) Keep the skill and dependencies updated and audit npm dependencies periodically. Note: some documentation files mention TLS validation behavior; the code constrains Bridge hosts to localhost and uses plain localhost connections — this is expected for Bridge but is a local-only trust decision you should accept consciously.
Capability Analysis
Type: OpenClaw Skill
Name: openclaw-protonmail
Version: 1.0.1
The ProtonMail skill is a legitimate integration for managing encrypted emails via the local Proton Mail Bridge. The codebase demonstrates strong security practices, including enforcing localhost-only connections in src/index.ts and implementing robust input sanitization and length limits for IMAP search queries in src/imap.ts to prevent injection. Furthermore, the project includes a transparent security policy (SECURITY.md) and documentation of past security hardening (README.md and CHANGELOG.md), indicating a proactive and responsible development approach without any evidence of malicious intent or data exfiltration.
Capability Tags
Capability Assessment
Purpose & Capability
Name/description, required env vars (PROTONMAIL_ACCOUNT, PROTONMAIL_BRIDGE_PASSWORD), dependencies (imap, nodemailer, mailparser) and the brew install of Proton Mail Bridge align with a skill that talks to a local IMAP/SMTP bridge. Nothing requested appears unrelated to reading/sending ProtonMail via Bridge.
Instruction Scope
SKILL.md keeps instructions scoped to installing/starting the Bridge, obtaining the Bridge-generated IMAP/SMTP credentials, adding them to OpenClaw config, and using the CLI/tool. It does instruct copying the skill into ~/.openclaw/skills and mentions that OpenClaw session logs may contain email text — a relevant privacy/security note. No instructions ask the agent to read unrelated system files or exfiltrate data, but the instructions do rely on storing credentials in an OpenClaw config file (see environment_proportionality).
Install Mechanism
Install spec is a Homebrew cask for the official Proton Mail Bridge — an expected, low-risk distribution method. The package also uses standard npm dependencies; the included install-skill script copies files into ~/.openclaw which is a normal local install step for skills.
Credentials
Requested environment variables are exactly the Bridge account and Bridge-generated password — appropriate and minimal for the stated functionality. However, SKILL.md suggests storing the Bridge password in ~/.openclaw/openclaw.json (plain JSON), which is sensitive. The project recommends chmod 600 and keychain/password manager, but users should treat that file and OpenClaw session logs as sensitive because they may contain email content.
Persistence & Privilege
Skill is not always:true and does not request system-wide elevated privileges. It installs into the user's OpenClaw skills directory and registers tools — expected for a skill. Autonomous invocation is allowed (platform default) but does not on its own increase concern given the limited, local-scope access.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install openclaw-protonmail - After installation, invoke the skill by name or use
/openclaw-protonmail - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Restore SKILL.md frontmatter parsing compatibility, sync version metadata, and rebuild from the hardened source.
v1.0.0
v1.0.0: Stable release. Fixed critical bug where readMessage() hung indefinitely on invalid/non-existent message UIDs (no Promise rejection, no timeout). Added fetch end handler with messageFound tracking to reject immediately with a clear error. Full CLI tests passing against Proton Bridge.
v0.1.1
Security hardening patch: removed insecure TLS override, enforced localhost-only Bridge hosts, hardened IMAP search query sanitization, added advisory + upgrade guidance.
v0.1.0
Initial beta release: Full IMAP/SMTP implementation via Proton Mail Bridge. Read, send, search, and reply to encrypted email. Security-first design (localhost-only). Actively seeking feedback.
Metadata
Frequently Asked Questions
What is ProtonMail via Proton Mail Bridge?
ProtonMail integration via Proton Mail Bridge for reading and sending encrypted emails. It is an AI Agent Skill for Claude Code / OpenClaw, with 809 downloads so far.
How do I install ProtonMail via Proton Mail Bridge?
Run "/install openclaw-protonmail" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is ProtonMail via Proton Mail Bridge free?
Yes, ProtonMail via Proton Mail Bridge is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does ProtonMail via Proton Mail Bridge support?
ProtonMail via Proton Mail Bridge is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created ProtonMail via Proton Mail Bridge?
It is built and maintained by Jim Staley, CISSP (@rvacyber); the current version is v1.0.1.
More Skills