← Back to Skills Marketplace
Email Web Interface
by
stefanferreira
· GitHub ↗
· v1.0.0
· MIT-0
76
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install email-web-interface
Description
Web interface for agent email communication (Lourens, Ace, etc.). Provides inbox viewing, draft creation/editing, and sending functionality via Gmail/Gog CLI...
README (SKILL.md)
Email Web Interface Skill
Description
Web interface for agent email communication (Lourens, Ace, etc.). Provides inbox viewing, draft creation/editing, and sending functionality via Gmail/Gog CLI integration.
When to Use
- When user needs to access agent email inboxes
- To compose and send non-bot emails
- To view and manage email drafts
- When existing webmail interfaces are clunky
Options Considered
Option A: Existing Webmail Solutions
-
Roundcube (Recommended)
- Pros: Mature, feature-rich, good plugin ecosystem
- Cons: Can be heavy, PHP-based
-
RainLoop
- Pros: Modern, lightweight, good mobile support
- Cons: Less mature, fewer features
-
SnappyMail
- Pros: Fast, Gmail-like interface
- Cons: Newer project, smaller community
Option B: Custom Interface
Build a custom React/Node.js interface that:
- Uses Gog CLI for Gmail API access
- Provides clean, minimal interface
- Integrates with Mission Control
- Tailored to our specific needs
Recommended Approach
Start with Roundcube, then customize if needed. Roundcube provides:
- Full email functionality out of the box
- IMAP/SMTP support (works with Gmail)
- Plugin system for customization
- Stable and well-documented
Procedure
1. Install Roundcube
# Install dependencies
apt-get update
apt-get install -y roundcube roundcube-core roundcube-mysql roundcube-plugins
# Or use Docker
docker run -d --name roundcube \
-p 8081:80 \
-e ROUNDCUBEMAIL_DEFAULT_HOST=ssl://imap.gmail.com \
-e ROUNDCUBEMAIL_DEFAULT_PORT=993 \
-e ROUNDCUBEMAIL_SMTP_SERVER=tls://smtp.gmail.com \
-e ROUNDCUBEMAIL_SMTP_PORT=587 \
roundcube/roundcubemail
2. Configure Gmail Access
Ace's Gmail account needs:
- App Password (if 2FA enabled): Generate in Google Account → Security
- IMAP enabled: Settings → Forwarding and POP/IMAP → Enable IMAP
- Less secure apps (if needed): May require allowing less secure apps
3. Roundcube Configuration
// config/config.inc.php
$config['default_host'] = 'ssl://imap.gmail.com';
$config['default_port'] = 993;
$config['smtp_server'] = 'tls://smtp.gmail.com';
$config['smtp_port'] = 587;
$config['smtp_user'] = '[email protected]';
$config['smtp_pass'] = 'APP_PASSWORD_HERE';
$config['imap_conn_options'] = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false,
),
);
4. Custom Integration (If Needed)
If Roundcube is clunky, build custom interface:
# Custom email interface using Gog CLI
from flask import Flask, render_template, request, jsonify
import subprocess
import json
app = Flask(__name__)
class EmailInterface:
def __init__(self):
self.gog_path = "/usr/local/bin/gog"
def get_inbox(self, limit=50):
"""Get inbox emails via Gog CLI."""
cmd = [self.gog_path, "gmail", "messages", "list",
"--limit", str(limit), "--format", "json"]
try:
result = subprocess.run(cmd, capture_output=True, text=True)
if result.returncode == 0:
return json.loads(result.stdout)
except Exception as e:
print(f"Error getting inbox: {e}")
return []
def get_message(self, message_id):
"""Get specific email message."""
cmd = [self.gog_path, "gmail", "messages", "get",
message_id, "--format", "json"]
try:
result = subprocess.run(cmd, capture_output=True, text=True)
if result.returncode == 0:
return json.loads(result.stdout)
except Exception as e:
print(f"Error getting message: {e}")
return None
def send_email(self, to, subject, body):
"""Send email via Gog CLI."""
cmd = [self.gog_path, "gmail", "messages", "send",
"--to", to, "--subject", subject, "--body", body]
try:
result = subprocess.run(cmd, capture_output=True, text=True)
return result.returncode == 0
except Exception as e:
print(f"Error sending email: {e}")
return False
@app.route('/')
def inbox():
"""Inbox view."""
email_iface = EmailInterface()
messages = email_iface.get_inbox(limit=20)
return render_template('inbox.html', messages=messages)
@app.route('/message/\x3Cmessage_id>')
def view_message(message_id):
"""View specific message."""
email_iface = EmailInterface()
message = email_iface.get_message(message_id)
return render_template('message.html', message=message)
@app.route('/compose', methods=['GET', 'POST'])
def compose():
"""Compose new email."""
if request.method == 'POST':
to = request.form['to']
subject = request.form['subject']
body = request.form['body']
email_iface = EmailInterface()
success = email_iface.send_email(to, subject, body)
return jsonify({'success': success})
return render_template('compose.html')
if __name__ == '__main__':
app.run(host='0.0.0.0', port=8082, debug=True)
5. Mission Control Integration
Add email interface to Mission Control sidebar:
// mission-control sidebar config
{
name: "📧 Ace Email",
path: "/email",
icon: "email",
external: true,
url: "http://localhost:8081" // Roundcube
// or: "http://localhost:8082" // Custom interface
}
6. Security Considerations
- HTTPS: Use reverse proxy with SSL
- Authentication: Add login to email interface
- Rate limiting: Prevent abuse
- Logging: Monitor email access
- Backup: Regular backup of important emails
Implementation Steps
Phase 1: Quick Setup (Today)
- Install Roundcube via Docker
- Configure with Ace's Gmail credentials
- Test basic email functionality
- Add link to Mission Control
Phase 2: Customization (This Week)
- Evaluate Roundcube usability
- If clunky, start custom interface development
- Implement essential features:
- Inbox with threading
- Compose with rich text
- Draft saving
- Search functionality
Phase 3: Integration (Next Week)
- Deep integration with Mission Control
- Notification system for new emails
- Email templates for common responses
- Advanced search and filtering
Testing Checklist
- Can view inbox
- Can read emails
- Can compose new email
- Can send email
- Can save drafts
- Search works
- Mobile responsive
- Secure (HTTPS, auth)
Fallback Plan
If Roundcube doesn't work well:
- Try RainLoop (lighter alternative)
- Build minimal custom interface
- Use Gog CLI directly with simple web wrapper
Resources
- Roundcube: https://roundcube.net
- Gmail IMAP: https://support.google.com/mail/answer/7126229
- Gog CLI: https://github.com/openclaw/gog
- Mission Control Integration Guide
Usage Guidance
This skill's instructions and the registry metadata don't match: SKILL.md expects Gmail credentials and a 'gog' CLI and tells you to install system packages, but the skill declares none of that. Before installing, ask the publisher to (1) explicitly declare required env vars/credentials (e.g., GMAIL_APP_PASSWORD or OAuth client), (2) explain how 'gog' is obtained and whether it's trusted, and (3) fix insecure defaults (do not set verify_peer=false, avoid suggesting 'less secure apps', and do not run Flask with debug=True in production). If you proceed, run Roundcube in a container behind HTTPS, store any credentials in a secrets manager or environment variables (not plaintext config files), prefer OAuth2/service accounts over app passwords, review the Docker image source (roundcube/roundcubemail) and the Gog CLI binary, and do not enable 'less secure apps'. If the publisher cannot provide a clear install spec and a trustworthy source for 'gog', treat this skill as risky and avoid installing it on production systems.
Capability Analysis
Type: OpenClaw Skill
Name: email-web-interface
Version: 1.0.0
The skill provides instructions and code to set up an email web interface using Roundcube or a custom Flask application. It contains several security vulnerabilities, including instructions to disable SSL certificate verification ('verify_peer' => false) in the Roundcube configuration and running a Flask development server in debug mode accessible on all network interfaces (host='0.0.0.0', debug=True). While these appear to be unintentional configuration flaws rather than intentional malware, they pose a significant risk of Man-in-the-Middle (MITM) attacks and Remote Code Execution (RCE) via the Flask debugger. Relevant file: SKILL.md.
Capability Assessment
Purpose & Capability
The description says 'Web interface for agent email' but the package metadata lists no required credentials or binaries. SKILL.md, however, instructs installing Roundcube (apt/docker) and/or using a local '/usr/local/bin/gog' CLI and storing Gmail SMTP credentials — the metadata and declared requirements are inconsistent with the actual needs.
Instruction Scope
Instructions tell operators to install system packages or run a Docker image, add plaintext SMTP app passwords into Roundcube config, set 'verify_peer' => false for IMAP (disables TLS cert verification), enable 'less secure apps', and run a Flask app with debug=True. These steps go beyond a small helper and introduce insecure defaults and broad system-level changes.
Install Mechanism
No formal install spec is provided in the registry, but SKILL.md recommends apt-get installs or running an official-looking Docker image (roundcube/roundcubemail). Using the official Roundcube image is reasonable, but the skill omits an explicit, auditable install spec and also relies on an undocumented third-party binary ('gog') at /usr/local/bin/gog for a custom interface.
Credentials
The skill implicitly requires Gmail credentials or an app password and access to an agent Gmail account, but the registry lists no required env vars or primary credential. Requesting account passwords/app passwords and suggesting disabling security (less secure apps) is disproportionate and risky without explicit credential handling guidance (OAuth, secret store, or env vars).
Persistence & Privilege
The skill does not request always:true or any system-wide persistent privileges and does not claim to modify other skills. Persistence/privilege level appears normal.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install email-web-interface - After installation, invoke the skill by name or use
/email-web-interface - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release introducing a web interface for agent email communication via Gmail integration.
- Supports inbox viewing, draft creation/editing, and sending emails using Gmail/Gog CLI.
- Recommends using Roundcube for full webmail functionality, with guidance for Gmail configuration.
- Provides step-by-step setup instructions, security best practices, and integration options with Mission Control.
- Includes fallback and customization plans if existing webmail solutions are insufficient.
Metadata
Frequently Asked Questions
What is Email Web Interface?
Web interface for agent email communication (Lourens, Ace, etc.). Provides inbox viewing, draft creation/editing, and sending functionality via Gmail/Gog CLI... It is an AI Agent Skill for Claude Code / OpenClaw, with 76 downloads so far.
How do I install Email Web Interface?
Run "/install email-web-interface" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Email Web Interface free?
Yes, Email Web Interface is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Email Web Interface support?
Email Web Interface is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Email Web Interface?
It is built and maintained by stefanferreira (@stefanferreira); the current version is v1.0.0.
More Skills