← Back to Skills Marketplace
146
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install gmail-no-send
Description
Read-only Gmail CLI that cannot send email by design. Search, read, create drafts, update drafts, and archive messages — with zero send capability in the cod...
README (SKILL.md)
gmail-no-send
Gmail CLI that cannot send email. Not "won't" — can't. There is no send function in the codebase.
Install
Requires Python 3.9+.
cd \x3Cskill-dir>/scripts/gmail-no-send
pip install -e .
Or install from the GitHub repo:
pip install git+https://github.com/meimakes/gmail-no-send.git
First-Time Auth
Each user needs their own Google Cloud OAuth credentials:
- Create a project at console.cloud.google.com
- Enable the Gmail API
- Create OAuth 2.0 credentials (Desktop app type)
- Download
client_secret.json
Then authenticate:
gmail-no-send auth --client-secret /path/to/client_secret.json --account myname
This opens a browser for Google OAuth consent. Token is saved to ~/.config/gmail-no-send/token.json and auto-refreshes.
Commands
All commands require --account \x3Cname> (matches the name used during auth).
Search
gmail-no-send search --account mei --query "from:[email protected] newer_than:7d" --max 10
Returns JSON array of message IDs and thread IDs.
Read
gmail-no-send read --account mei --message-id \x3Cid>
Returns full message payload (headers, body, labels).
Create Draft
gmail-no-send draft-create --account mei --to "[email protected]" --subject "Re: topic" --body "Draft text here"
gmail-no-send draft-create --account mei --to "[email protected]" --subject "Long draft" --body-file /path/to/body.txt
Update Draft
gmail-no-send draft-update --account mei --draft-id \x3Cid> --to "[email protected]" --subject "Updated" --body "New body"
Archive
gmail-no-send archive --account mei --message-id \x3Cid>
Removes INBOX label (message stays in All Mail).
Security Model
- No send command exists. The CLI has 6 commands: auth, search, read, draft-create, draft-update, archive. None send.
- OAuth scope caveat: Gmail API has no "drafts-only" scope. The
composescope technically allows send via API. This tool enforces no-send at the application layer — the code simply doesn't call the send endpoint. - Audit log: All operations logged to
~/.config/gmail-no-send/audit.logwith timestamps. - Token storage:
~/.config/gmail-no-send/token.json— user-local, not shared.
For a deeper security analysis, see references/threat-model.md.
Agent Usage Notes
- Search returns message IDs, not content. Call
readto get the actual message. - Draft creation returns the draft ID for future updates.
- Use
--body-filefor long draft bodies instead of--bodyto avoid shell escaping issues. - The tool does NOT support attachments, labels, or filters — intentionally minimal.
Usage Guidance
This tool appears to do what it says: there is no send() call in the code. However, Gmail's API does not offer a 'drafts-only' OAuth scope, so you must grant a token that includes 'compose' (which could be used to send mail if the token is stolen or reused). Before installing: 1) only authenticate with a dedicated account or test account if you need strict guarantees; 2) store client_secret.json and token.json with restrictive permissions (chmod 600) and consider encrypting them; 3) pin the package version or verify repository checksums and audit source updates (the threat model warns about code modification risk); 4) monitor and periodically review ~/.config/gmail-no-send/audit.log; 5) consider using a network proxy or restricted environment if you need stronger enforcement that prevents sends at the network layer. If you understand those trade-offs, the skill is internally consistent and usable.
Capability Analysis
Type: OpenClaw Skill
Name: gmail-no-send
Version: 1.0.0
The skill provides a restricted Gmail interface for reading, searching, and drafting emails while intentionally omitting any 'send' functionality to prevent autonomous email dispatch by AI agents. The code (scripts/gmail_no_send/client.py) correctly implements only the necessary Gmail API endpoints for its stated purpose, and the documentation (SKILL.md and references/threat-model.md) transparently addresses the security implications of the required OAuth scopes and local token storage.
Capability Assessment
Purpose & Capability
The name/description (read/search/draft/update/archive with no send) aligns with the included code: there is no function calling the Gmail send endpoint. The tool requires user-supplied Google OAuth client credentials, which is appropriate for the stated functionality. The README and threat-model explicitly explain why the compose scope is used (Gmail has no drafts-only scope).
Instruction Scope
SKILL.md instructs only to install the package, obtain OAuth client_secret.json, run auth, and call the listed CLI commands. Runtime instructions and code only access the Gmail API, write tokens and audit logs to the tool's config dir, and do not read unrelated system files or exfiltrate data to unexpected endpoints.
Install Mechanism
No install spec is declared in the registry, but SKILL.md and pyproject.toml provide standard pip install routes (local editable install or git+https from the GitHub repo). Installing via pip from the repo is a common, low-to-moderate risk pattern; there is no opaque download URL or archive extract from an untrusted host.
Credentials
The skill requests no environment variables, but it requires user-provided Google OAuth credentials and stores an OAuth token with the 'compose' scope. That scope technically permits sending if the token is reused elsewhere. Although the code itself never calls send and the README warns about this limitation, the token's privileges are broader than 'drafts-only' — this is a proportionality concern the author documents but cannot fully mitigate at the API level.
Persistence & Privilege
The skill does not request always-on inclusion, nor does it modify other skills or global agent settings. It persists a token and an audit log in ~/.config/gmail-no-send (or GMAIL_NO_SEND_CONFIG), which is appropriate and scoped to the tool.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install gmail-no-send - After installation, invoke the skill by name or use
/gmail-no-send - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial public release of gmail-no-send: a read-only Gmail CLI with no capability to send emails.
- Supports searching, reading messages, creating/updating drafts, and archiving; sending is fundamentally impossible by design.
- Requires user-provided Google Cloud OAuth credentials; tokens and all operations are securely logged and stored locally.
- Purpose-built for agents that need Gmail access without risk of sending messages.
Metadata
Frequently Asked Questions
What is Gmail No Send?
Read-only Gmail CLI that cannot send email by design. Search, read, create drafts, update drafts, and archive messages — with zero send capability in the cod... It is an AI Agent Skill for Claude Code / OpenClaw, with 146 downloads so far.
How do I install Gmail No Send?
Run "/install gmail-no-send" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Gmail No Send free?
Yes, Gmail No Send is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Gmail No Send support?
Gmail No Send is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Gmail No Send?
It is built and maintained by Mei Park (@meimakes); the current version is v1.0.0.
More Skills