← Back to Skills Marketplace
Recruit Email Monitor
by
haoxianniu528-bit
· GitHub ↗
· v1.0.0
· MIT-0
219
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install recruit-email-monitor
Description
招聘邮件监控系统 - 自动检查邮箱、记录到表格、飞书通知、每日简报
Usage Guidance
Do NOT install or enable the cron jobs without reviewing and editing the scripts. Immediate actions to take before use:
- Remove any hard-coded email accounts/passwords from scripts; configure your own accounts via a secure mechanism (environment variables or a protected config file), not inline constants.
- Search both scripts for Feishu target IDs (e.g., 'ou_8de0...') and replace them with your own target or require a configurable value; otherwise notifications will go to the repository author's account.
- Verify the 'openclaw message send' calls and ensure the OpenClaw CLI and Feishu plugin are trusted and configured correctly; consider replacing with direct API integration that uses your secrets stored securely.
- Update EXCEL_PATH and PROCESSED_FILE to safe locations and inspect file permissions.
- Prefer storing secrets in a secrets manager or environment variables and avoid committing credentials into code. If the included credentials are real, treat them as compromised and do not reuse them.
If you are not comfortable auditing and editing the Python scripts yourself, do not install this skill.
Capability Analysis
Type: OpenClaw Skill
Name: recruit-email-monitor
Version: 1.0.0
The skill bundle contains hardcoded sensitive credentials, including email authorization codes for QQ and 163 accounts, and a hardcoded Feishu recipient ID (ou_8de02604ccd510eeb4897ffd70d96c1d) in both 'scripts/email-heartbeat-check.py' and 'scripts/email-daily-briefing.py'. While the documentation instructs users to replace these, the default configuration would exfiltrate the user's recruitment data to the author's Feishu account if not properly updated. Additionally, the scripts rely on hardcoded absolute paths tied to a specific local user ('/home/erhao/'), which is a significant security and portability flaw.
Capability Assessment
Purpose & Capability
The declared purpose (email monitoring → Excel + Feishu notifications) matches the included scripts. However the shipped code contains hard-coded email accounts and passwords and fixed Feishu target IDs (not declared as required secrets or optional placeholders). It also calls the OpenClaw CLI to send Feishu messages but the skill metadata does not declare a dependency on an 'openclaw' binary or the platform Feishu plugin. Bundling other people's credentials and a hard-coded external recipient is not necessary for the stated purpose.
Instruction Scope
SKILL.md instructs editing the scripts to configure accounts, but the scripts already contain specific account credentials and a Feishu recipient ID. The runtime instructions recommend importing cron jobs that are enabled by default. The scripts read/write files under home (EXCEL_PATH, PROCESSED_FILE), call subprocess to invoke 'openclaw message send' (sending content externally), and do not offer or document using environment variables to store secrets—encouraging secrets in code. This grants the skill authority to read/modify email data and transmit summaries to an external Feishu account unless the user changes the defaults.
Install Mechanism
There is no automated install that downloads arbitrary code; the skill is instruction-only with bundled scripts. The only dependency is openpyxl (pip) which is reasonable for Excel I/O. SKILL.md incorrectly lists 'poplib' under pip (poplib is in the Python stdlib), but no remote downloads or extract operations are used.
Credentials
The skill declares no required env vars or primary credential, but the scripts embed sensitive credentials (EMAIL_ACCOUNTS with email addresses and passwords) and hard-coded Feishu target IDs. The presence of these secrets in the repo and the use of a fixed external Feishu recipient are disproportionate and unexpected for an installable skill; users would normally provide their own credentials via config or env vars. The skill also assumes specific filesystem paths (/home/erhao/..., ~/.openclaw/...), which leaks implementation assumptions and can cause data to be written to unexpected locations.
Persistence & Privilege
always: false (not force-enabled). However cron-jobs.json in the repo contains enabled=true jobs and INSTALL.md instructs importing them. If the user imports those jobs without auditing, the scripts will run periodically (hourly/daily) and send data externally. The skill does not modify other skills, but its default cron config together with hard-coded credentials and target IDs increases persistent risk if installed as-is.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install recruit-email-monitor - After installation, invoke the skill by name or use
/recruit-email-monitor - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of recruit-email-monitor: 招聘邮件监控系统
- 自动监控多邮箱招聘相关邮件,按类型分类并记录到Excel表格
- 新邮件实时飞书通知,支持每日9点简报推送
- 支持QQ/163邮箱授权码配置,表格自动管理和状态标记
- 包含邮箱检查、日报生成脚本,开放表格与简报文件路径配置
- 详细分类规则与常见故障排查说明
Metadata
Frequently Asked Questions
What is Recruit Email Monitor?
招聘邮件监控系统 - 自动检查邮箱、记录到表格、飞书通知、每日简报. It is an AI Agent Skill for Claude Code / OpenClaw, with 219 downloads so far.
How do I install Recruit Email Monitor?
Run "/install recruit-email-monitor" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Recruit Email Monitor free?
Yes, Recruit Email Monitor is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Recruit Email Monitor support?
Recruit Email Monitor is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Recruit Email Monitor?
It is built and maintained by haoxianniu528-bit (@haoxianniu528-bit); the current version is v1.0.0.
More Skills