← Back to Skills Marketplace
pebblerwon

email-cron-handler

by 王浩楠 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
261
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install email-cron-handler
Description
邮件指令定时处理任务。通过 IMAP/SMTP 自动接收并执行邮件中的指令,以邮件形式回复执行结果。适用于:(1) 创建定时任务监控指定邮箱 (2) 通过邮件下发指令给 AI Agent (3) 实现邮件驱动的自动化工作流。需配置:收件邮箱、SMTP/IMAP 配置、指令发件人白名单。
README (SKILL.md)

Email Cron Handler

通过邮件接收指令、定时执行并回复结果的自动化工作流。

核心功能

  • 定时检查指定邮箱的新邮件
  • 过滤白名单发件人的指令邮件
  • 执行邮件中的指令并回复结果
  • 支持成功/失败/超时状态反馈

文件结构

email-cron-handler/
├── SKILL.md
├── scripts/
│   ├── process_email.py      # 主处理脚本
│   └── config.json.example   # 配置示例文件
└── references/
    └── config-template.md    # 详细配置说明

快速开始

Step 1: 配置邮箱参数

cd ~/.agents/skills/email-cron-handler/scripts
cp config.json.example config.json
# 编辑 config.json,填入你的实际配置

配置项说明:

  • email: 你的邮箱账号
  • password: 邮箱授权码(QQ邮箱需在设置中开启IMAP/SMTP后获取)
  • imap_host/imap_port: IMAP 服务器地址和端口
  • smtp_host/smtp_port: SMTP 服务器地址和端口
  • whitelist_sender: 白名单发件人(只处理这些地址发来的邮件)

Step 2: 初始化存储目录

mkdir -p ~/.openclaw/workspace/memory
echo '[]' > ~/.openclaw/workspace/memory/processed_emails.json

Step 3: 创建定时任务

方式一:使用脚本(推荐)

Cron 任务只需执行简单逻辑:

  1. 调用 python process_email.py fetch 获取未处理邮件
  2. 对每封邮件执行指令
  3. 调用 python process_email.py reply \x3Cuid> \x3C结果> 回复结果

方式二:直接用 LLM(当前方式)

保持现有指令模板即可,脚本作为备用/调试工具。

脚本用法

# 获取未处理邮件
python process_email.py fetch

# 回复邮件(内容直接提供)
python process_email.py reply \x3Cuid> "执行结果内容"

# 回复邮件(从文件读取内容)
python process_email.py reply \x3Cuid> --file result.txt

# 标记邮件为已处理(不回复)
python process_email.py mark \x3Cuid>

常见问题

Q: 如何测试脚本?

cd ~/.agents/skills/email-cron-handler/scripts
python process_email.py fetch

Q: 授权码在哪里获取? A: QQ 邮箱 → 设置 → 账户 → 开启 IMAP/SMTP 服务 → 获取授权码

Q: 脚本和 LLM 指令选哪个? A:

  • 脚本方式:稳定快速,适合简单场景
  • LLM 指令方式:灵活可扩展,适合复杂指令执行
Usage Guidance
This skill will read a mailbox and can cause your agent to execute instructions embedded in emails; that is powerful but also dangerous if misused. Before installing or running it: - Do not place real/privileged credentials in plaintext config.json or pass them in cron payloads. Use an app-specific token, a dedicated throwaway mailbox, or a secure secret store (OS keychain / secrets manager) and avoid embedding secrets in scheduler payloads or agent turns. - Prefer the provided Python script (fetch/reply) to run in a tightly sandboxed environment and avoid giving the LLM direct authorization to 'execute' commands. If you must automate, restrict the allowed command set to a whitelist of safe operations and implement explicit parsing/validation rather than treating the whole email body as executable instructions. - Avoid scheduling regular autonomous agent turns that include secrets; if using a scheduler, ensure payloads do not contain credentials and that the execution environment enforces strict egress/network controls and logging policies. - Use a dedicated, low-privilege mailbox for testing; rotate credentials often; log and monitor outgoing SMTP activity. - If you want to proceed safely, request changes from the skill author (or modify locally): remove credential embedding in cron payloads, make whitelist_sender an explicit list, implement explicit allowed-command parsing, and store secrets in a secure store. Confidence is high that these are genuine risks (design choices rather than mere bugs). Additional information that would reduce risk: (1) confirmation that the agent never receives credentials in runtime payloads and that only the local script runs (no LLM execution), (2) use of secure secret storage for IMAP/SMTP credentials, and (3) an allowlist of permitted commands with sandboxing for any action the agent performs.
Capability Analysis
Type: OpenClaw Skill Name: email-cron-handler Version: 1.0.0 The skill bundle implements a remote command execution (RCE) framework that uses email (IMAP/SMTP) as a command-and-control (C2) channel. The instructions in 'SKILL.md' and 'references/01-config-template.md' direct the AI agent to fetch emails from a whitelisted sender and execute the body of those emails as arbitrary instructions, effectively creating a remote shell. While the tool includes a whitelist mechanism and is framed as an automation utility, the combination of external command execution and provided 'cron' templates for persistence creates a high-risk environment similar to a backdoor or remote access trojan (RAT).
Capability Assessment
Purpose & Capability
The files (SKILL.md, config template, and process_email.py) match the stated purpose: fetching IMAP mail, filtering by sender, replying via SMTP, and enabling email-driven automation. However, the design mixes two execution paths: (a) a benign helper script that only fetches/replies, and (b) explicit agent/LLM payload templates that instruct the model to 'execute the instruction' found in email. Requiring the agent to execute arbitrary emailed instructions broadens capability beyond what a conservative 'mail fetch/reply' helper would need.
Instruction Scope
SKILL.md and the reference template explicitly tell the LLM to read local processed_emails.json, fetch up to 50 messages, parse the email body as an instruction, '尝试执行该指令(查询天气/搜索信息/执行操作等)', and always reply. That grants the agent very broad discretion to perform arbitrary tasks derived from potentially untrusted email content. The cron/payload examples embed full IMAP/SMTP credentials into the agent turn payload, which would transmit secrets to whatever cron/agent execution system handles that payload.
Install Mechanism
No install step or networked downloads are used; this is an instruction-only skill with one local Python script. That minimizes installer risk (nothing downloaded/extracted), but the code and instructions still request/handle secrets and schedule autonomous runs.
Credentials
The skill asks you to store your email and password/authorization code in a plaintext config.json and to embed those values into cron payloads. While IMAP/SMTP credentials are functionally needed to read/send email, the skill does not use secure secret storage or recommend safe practices, and the cron payload design causes credentials to be placed in scheduler metadata and in the agent turn (likely visible to logs or an execution service). The skill also does not declare these as required env vars (it uses a local file), which reduces clarity about where secrets will live.
Persistence & Privilege
always:false, but the provided cron examples schedule autonomous agent turns that include credentials and instructions to execute arbitrary commands. Regular autonomous invocation with embedded secrets materially increases blast radius (credentials could be logged, stored, or observed by the scheduler/execution environment). The skill does not modify other skills or system configs, but its recommended scheduling practice is risky.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install email-cron-handler
  3. After installation, invoke the skill by name or use /email-cron-handler
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of email-cron-handler: - Automates processing of command emails via IMAP/SMTP and replies with execution results. - Supports scheduled mailbox monitoring, sender whitelisting, and execution status feedback (success/failure/timeout). - Provides example configuration and documentation for quick setup. - Includes scripts for fetching, replying to, and marking processed emails.
Metadata
Slug email-cron-handler
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is email-cron-handler?

邮件指令定时处理任务。通过 IMAP/SMTP 自动接收并执行邮件中的指令,以邮件形式回复执行结果。适用于:(1) 创建定时任务监控指定邮箱 (2) 通过邮件下发指令给 AI Agent (3) 实现邮件驱动的自动化工作流。需配置:收件邮箱、SMTP/IMAP 配置、指令发件人白名单。 It is an AI Agent Skill for Claude Code / OpenClaw, with 261 downloads so far.

How do I install email-cron-handler?

Run "/install email-cron-handler" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is email-cron-handler free?

Yes, email-cron-handler is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does email-cron-handler support?

email-cron-handler is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created email-cron-handler?

It is built and maintained by 王浩楠 (@pebblerwon); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments