← Back to Skills Marketplace
72
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install email-manager-with-db
Description
Email account manager with IMAP/SMTP support and local database. Manage multiple email accounts, sync inbox, send emails, search, set filters, and generate d...
README (SKILL.md)
Email Manager Skill
This skill manages email accounts and interacts with them via IMAP and SMTP.
Commands
account
Manage email accounts.
add: Add a new email account.node cli.js account add --email \x3Cemail> --password \x3Capp-password> [--imap-host \x3Chost>] [--imap-port \x3Cport>] [--smtp-host \x3Chost>] [--smtp-port \x3Cport>]
list: List all configured email accounts.node cli.js account list
remove: Remove an email account.node cli.js account remove \x3Caccount-id>
test
Test the IMAP and SMTP connection for an account.
node cli.js test \x3Caccount-id>
sync
Sync emails from the server.
node cli.js sync \x3Caccount-id> [--folder \x3Cfolder-name>] [--limit \x3Cnumber>]
inbox
List emails in the inbox.
node cli.js inbox \x3Caccount-id> [--limit \x3Cnumber>] [--unread] [--no-filtered]
read
Read the content of a specific email.
node cli.js read \x3Cemail-id>
send
Send an email.
node cli.js send \x3Caccount-id> --to \x3Crecipient> --subject "\x3Csubject>" --body "\x3Cbody>"
search
Search for emails.
node cli.js search \x3Caccount-id> --query "\x3Cquery>"
folders
List all folders for an account.
node cli.js folders \x3Caccount-id>
filter
Manage email filters.
list: List all filter rules.node cli.js filter list [account-id]
add: Add a new filter rule.node cli.js filter add --field \x3Cfrom|to|subject> --pattern "\x3Cpattern>" [--account-id \x3Cid>]
remove: Remove a filter rule.node cli.js filter remove \x3Crule-id>
stats
Show statistics about emails.
node cli.js stats [account-id]
report
Daily send report: how many emails were sent and how many failed.
Defaults to today. Use --date to specify a date, or --days for a multi-day range.
node cli.js report [account-id] [--date YYYY-MM-DD] [--days \x3Cnumber>]
- No flags: today's report
--date 2026-03-31: report for a specific date--days 7: report for the last 7 days (broken down by day)
Output includes: total / sent / failed counts, success rate, and recent failure details (recipient, subject, error message).
Usage Guidance
This skill appears to implement the described email manager, but there are a few red flags to check before installing or running it:
- Sensitive data: account app passwords are stored in a local SQLite database. Only install/run in an environment you control. Back up or encrypt data if needed.
- Missing/undeclared env vars: README requires UNSUB_BASE_URL (public unsubscribe tracking URL) and recommends an UNSUB_SECRET; the registry metadata did not declare these. You must set a strong UNSUB_SECRET and a proper UNSUB_BASE_URL for List-Unsubscribe headers to work safely. Do not rely on the example default secret.
- Example server path: examples/email_tracker.py hardcodes DB_PATH to /Users/guozhen/..., and will write to that path if run unchanged. Edit the script to use a safe path (or an env var like TRACKING_DB_PATH) before running.
- Dependencies/build: running npm install will compile native modules (better-sqlite3). Review package.json and package-lock; the lockfile references a non-default npm mirror (registry.npmmirror.com). If you require source provenance, consider auditing or replacing with packages fetched from a registry you trust.
- Operational risks: this tool is designed for bulk outreach (the README even emphasizes cold email rotation). Ensure your use complies with email provider policies and laws; misuse can lead to account suspension or legal exposure.
Recommendations: review/modify the example server DB path and default secret, set UNSUB_SECRET to a strong value, set UNSUB_BASE_URL to a public domain you control (or leave it unset if you don't want tracking/one-click unsubscribe headers), and run the skill in an isolated environment. If you want the skill in an automated agent, explicitly confirm the agent is allowed to manage account credentials and send emails on your behalf.
Capability Analysis
Type: OpenClaw Skill
Name: email-manager-with-db
Version: 1.1.0
The skill manages email accounts but stores sensitive credentials (email addresses and app passwords) in plain text within a local SQLite database (src/db.js, src/accounts.js). It also includes a tracking server (examples/email_tracker.py) designed to log recipient IP addresses, User-Agents, and interaction data (opens/clicks), which, while aligned with the stated 'cold email' purpose, constitutes a high-risk tracking capability. Additionally, the code contains hardcoded absolute file paths (e.g., /Users/guozhen/MailOutbound/tracking.db in src/unsubscribe.js), suggesting it was extracted from a specific user environment and may exhibit unpredictable behavior on other systems.
Capability Tags
Capability Assessment
Purpose & Capability
The code implements the declared functionality (IMAP/SMTP, local SQLite DB, filters, suppression list, RFC8058 unsubscribe support and a tracking/unsubscribe example server). That behavior is coherent with the skill name/description. However, the README declares runtime environment variables (UNSUB_BASE_URL, UNSUB_SECRET, DB path overrides) that are required or recommended for full operation but the registry metadata lists no required env vars — an omission that is inconsistent and should be corrected.
Instruction Scope
SKILL.md shows only Bash/node CLI commands (node cli.js ...), which matches the included Node CLI. The README and examples additionally reference running a Python unsubscribe/tracking server (examples/email_tracker.py). The example server contains an absolute DB path that points to the developer's home (/Users/guozhen/...), and a default UNSUB_SECRET fallback ('solvea-default-secret-change-me'). The presence of an example that will write to an absolute path and defaults to a weak secret is unexpected and should be treated cautiously. The instructions do not ask the agent to read arbitrary system files, but they do require persistent storage and network endpoints for unsubscribe/tracking.
Install Mechanism
There is no formal install spec in the registry (instruction-only), but package.json/package-lock are present and README instructs running 'npm install'. Dependencies include native modules (better-sqlite3 has an install script) which will compile during install. The package-lock 'resolved' URLs point to registry.npmmirror.com (a mirror) rather than the default npm registry; that's unusual and worth noticing but not necessarily malicious. No custom remote download/extract install steps are present.
Credentials
The skill will handle highly sensitive data: user email addresses and app-specific passwords are stored in local SQLite (accounts.app_password). The README lists UNSUB_BASE_URL (marked as required for headers) and UNSUB_SECRET (recommended) along with DB path env vars, but the registry metadata declares no required env vars and primary credential none. That mismatch is concerning because the skill's correct and safe operation depends on those environment variables (and on you supplying HMAC secret and public base URL) yet they are not declared upfront. The example server also defaults to a weak secret if UNSUB_SECRET is not set.
Persistence & Privilege
The skill does not request always:true and won't be force-included. It writes its own data under a 'data' directory relative to the skill (src/db.js creates ./data/emails.db), which is normal for a local app. The only atypical persistence is the example Python server which uses a hardcoded absolute DB_PATH (/Users/guozhen/...) that would attempt to create/modify that path if run as-is; this is an authoring oversight rather than an explicit privilege escalation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install email-manager-with-db - After installation, invoke the skill by name or use
/email-manager-with-db - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Added RFC 8058 one-click unsubscribe, HMAC-signed tokens, suppression list with pre-send enforcement, and 20 regression tests.
v1.0.0
Initial release of email-manager-with-db
- Manage multiple email accounts with IMAP/SMTP support and a local database.
- Add, list, and remove email accounts.
- Sync inbox, list emails, and read specific messages.
- Send emails and search across inbox messages.
- Manage email filters and folders.
- Generate daily and multi-day send/failure reports with statistics.
- Test account IMAP/SMTP connections for troubleshooting.
Metadata
Frequently Asked Questions
What is Email Manager with DB?
Email account manager with IMAP/SMTP support and local database. Manage multiple email accounts, sync inbox, send emails, search, set filters, and generate d... It is an AI Agent Skill for Claude Code / OpenClaw, with 72 downloads so far.
How do I install Email Manager with DB?
Run "/install email-manager-with-db" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Email Manager with DB free?
Yes, Email Manager with DB is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Email Manager with DB support?
Email Manager with DB is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Email Manager with DB?
It is built and maintained by mguozhen (@mguozhen); the current version is v1.1.0.
More Skills