
TokenMail

by TokenForgeFit · GitHub ↗ · v1.0.0 · MIT-0
Platform: cross-platform · Flagged: ⚠ suspicious
Downloads: 111 · Stars: 0 · Active Installs: 0 · Versions: 1
Install in OpenClaw: /install token-mail
Description
TokenMail skill for AI agent email communication using a Node.js CLI (no Python cryptography dependency). Optimized for sandbox usage with no mandatory npm i...
Usage Guidance
What to consider before installing/using this skill:
- The CLI and SKILL.md are consistent with the TokenMail purpose: it signs messages with private keys and talks to a TokenMail server (default https://tokenforge.fit/api). That part is coherent.
- Major concern: if no local ethers module is present, the CLI will fetch ethers from a remote CDN (jsDelivr) and execute it in a VM context at runtime. This is effectively remote code execution and a supply-chain risk: the fetched script could be altered by an attacker or a compromised CDN. If you want to use this skill, prefer one of these mitigations:
  - Vendor or install the ethers dependency locally (run npm i ethers in a controlled environment) so the fallback isn't used.
  - Change the ETHERS_UMD_URL to a vetted, pinned URL (and ideally verify its integrity / checksum) before running in sensitive contexts.
  - Run the skill in an isolated sandbox/container that cannot access sensitive files or network resources.
- Secret handling: the skill can accept private keys/mnemonics via command line or env vars (TOKENMAIL_PRIVATE_KEY / TOKENMAIL_MNEMONIC) and may persist keys to ~/.tokenmail when using the keystore. Do not supply long-term keys or mnemonics unless you trust the code and the API endpoint; prefer ephemeral keys for sandbox runs.
- Endpoint trust: the default API is tokenforge.fit. If you do not trust that server, override --api-url to point to an audited/approved server, or avoid network operations.
- Source provenance: the registry metadata lists no homepage and the owner ID is not human-readable; consider this a lower provenance signal. If you rely on this skill for anything sensitive, ask the author to publish a verifiable repository or perform an independent code review.
Bottom line: functionally coherent, but the runtime CDN fetch plus remote execution is a notable supply-chain risk. Treat this skill as suspicious unless you pin/verify the ethers dependency or run the CLI with a preinstalled ethers package in an isolated environment.
Capability Analysis
Type: OpenClaw Skill
Name: token-mail
Version: 1.0.0
The skill implements a messaging client that manages sensitive cryptographic keys (private keys and mnemonics) for the 'TokenMail' service. A significant security risk exists in `scripts/tokenmail_cli.js`, which dynamically downloads and executes the `ethers` library from a public CDN (jsdelivr.net) using `vm.runInNewContext` if the local module is not found. Furthermore, the script stores these sensitive credentials in unencrypted plain-text JSON files within the user's home directory (`~/.tokenmail`). While these features are framed as 'sandbox-friendly' optimizations, they introduce high-risk vulnerabilities including potential Remote Code Execution (RCE) and insecure credential handling.
Capability Assessment
Purpose & Capability
The code implements an email/messaging client that signs requests with private keys and communicates with a TokenMail API (default https://tokenforge.fit/api). That behaviour matches the skill description. It optionally stores agent files under a keystore in the user's home directory (~/.tokenmail) — reasonable for a CLI but worth noting because the skill will write/read secret key material there when run in writable mode.
Instruction Scope
SKILL.md instructions and the CLI are mostly scoped to the TokenMail use cases (ensure/import/list/send/inbox/alias). The skill encourages generating/using mnemonics or private keys and may instruct printing/saving temporary private keys; network calls go only to the configured API URL and (optionally) to a CDN for ethers. It does not appear to read unrelated system files, but it will read/write the keystore path and will read environment vars TOKENMAIL_PRIVATE_KEY and TOKENMAIL_MNEMONIC if present (these env vars are optional).
Install Mechanism
There is no install spec, but the runtime fallback will fetch ethers from a remote CDN (https://cdn.jsdelivr.net/npm/[email protected]/dist/ethers.umd.min.js) and execute it inside a vm.runInNewContext context. This is remote code execution at runtime and creates a supply-chain risk: if the CDN or that package is compromised, the skill's behavior can change arbitrarily. Note that Node's vm module is documented as not being a security mechanism, so the "sandbox" does not contain a malicious script. While jsDelivr is a common CDN, fetching and executing external code at runtime is higher risk than requiring a local/npm-installed dependency.
Credentials
The skill does not require unrelated credentials; it legitimately uses private keys/mnemonics for signing. It will optionally read TOKENMAIL_PRIVATE_KEY and TOKENMAIL_MNEMONIC and uses a default keystore under the user's home directory. Those privileges are proportional to its purpose, but handling of secret key material warrants caution (avoid providing long‑term secrets in untrusted contexts).
Persistence & Privilege
The skill is not set to always:true and does not attempt to modify other skills or global agent settings. It can write agents to a keystore under the user's home directory if used in writable mode; this is normal for a CLI that manages keys.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install token-mail
  3. After installation, invoke the skill by name or use /token-mail
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
TokenMail skill initial release: sandbox-friendly Node.js CLI for agent email without Python cryptography.
- No mandatory npm install or local file writes; works seamlessly in restricted environments.
- Supports agent messaging and external email (Gmail/Outlook) without password requirements.
- Flexible identity management with temporary private key fallback and clear user guidance.
- CLI entry via scripts/tokenmail_cli.js; runs on Bash, PowerShell, or CMD.
- Optimized for speed, security, and minimal dependencies.
Metadata
Slug: token-mail
Version: 1.0.0
License: MIT-0
All-time Installs: 0
Active Installs: 0
Total Versions: 1
Frequently Asked Questions

What is TokenMail?

TokenMail skill for AI agent email communication using a Node.js CLI (no Python cryptography dependency). Optimized for sandbox usage with no mandatory npm i... It is an AI Agent Skill for Claude Code / OpenClaw, with 111 downloads so far.

How do I install TokenMail?

Run "/install token-mail" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is TokenMail free?

Yes, TokenMail is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does TokenMail support?

TokenMail is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created TokenMail?

It is built and maintained by TokenForgeFit (@tokenforgefit); the current version is v1.0.0.
