← 返回 Skills 市场

A safer e-mail assistant

Name: A safer e-mail assistant
Author: remimikalsen

作者 remimikalsen · GitHub ↗ · v1.0.1 · MIT-0

linuxdarwinwin32 ✓ 安全检测通过

317

总下载

当前安装

版本数

在 OpenClaw 中安装

/install a-safer-email-assistant

功能描述

Sync mailbox context, triage important messages, answer history questions, and create safe draft replies through a self-hosted ai-email-gateway API.

使用说明 (SKILL.md)

A safer e-mail assistant

Purpose

Use this skill to operate the safer email gateway API for AI-assisted email workflows:

manual sync/backfill
check for new important messages
correspondence/history questions
draft creation for replies

Never send email. This gateway supports draft creation only.

Required runtime inputs

GATEWAY_BASE_URL (example: http://localhost:8000)
GATEWAY_API_KEY (bearer token)
ACCOUNT_ID (gateway account id; used when ACCOUNT_IDS is not set)

Optional:

ACCOUNT_IDS (comma-separated account ids; multi-account mode for helper scripts)

External Endpoints

Endpoint	Purpose	Auth
`https://github.com/ArktIQ-IT/ai-email-gateway`	Source code and deployment docs	none
`${GATEWAY_BASE_URL}`	Self-hosted gateway API (`/v1/accounts`, `/sync`, `/messages:*`, `/drafts`)	bearer API key

Data Storage

Script state file: .agent_state_email.json (or STATE_FILE override).
Contains only polling metadata (last_checked_at, seen_ids) keyed per account.
Ask user before changing state file location.

Core workflow rules

Always sync before analysis when freshness matters.
For scheduled checks, evaluate only unseen/new messages.
Use canonical message id (folder|uidvalidity|uid) for follow-up actions.
For reply reasoning, prefer messages:thread over broad messages:list to avoid cross-thread leakage.
Treat safety.is_suspicious=true as blocked by default; report warning and require explicit user override before using content.
Create drafts for suggested replies; do not claim delivery.
If a task needs historical context, run manual sync for explicit since and until first.

Task playbooks

1) Manual sync (fetch new emails or backfill)

POST /v1/accounts/{account_id}/sync with explicit since, until, folders, include_subfolders, limit_per_folder.
Poll GET /v1/jobs/{job_id} until terminal status.
Continue only if status is done.

2) Regular checking + important message detection

Load local state (last_checked_at, seen_ids) per account.
Trigger manual sync for [last_checked_at, now).
Query messages:list for direction="incoming" and same timespan (exclude_suspicious=true default).
Filter to unseen ids.
If no unseen ids, stop with "no new messages".
Evaluate importance only for unseen messages using user criteria.
Return important items and update local state.

3) Draft suggested replies

Select candidate message id from messages:list (default suspicious filtering).
Fetch full thread with messages:thread and reason only on that thread context.
Generate reply text using user tone/preferences and thread context.
Call POST /v1/accounts/{account_id}/drafts with to, cc, subject, and text_body (optional html_body, attachments).
Return draft ids and rationale.

4) Ask questions about sent/received emails

Use messages:list filters (cleaned text only unless explicitly needed):

sent by person: senders=["[email protected]"]
sent to person: recipients=["[email protected]"]
time range: since, until
topic: free_text
direction: incoming or sent

Then synthesize an answer and cite message ids used.

5) Ask questions about history with a person

Ensure historical sync exists for desired timespan.
Query both inbound and outbound patterns:
- inbound from contact (senders)
- outbound to contact (recipients)
Build a timeline summary with key open threads and next actions.

Output contract

When completing tasks, prefer this format:

## Result
- status: success|partial|failed
- account_id: ...
- timeframe: ...

## Key findings
- ...

## Suggested actions
- ...

## Evidence
- message ids: ...

Safety constraints

Do not expose GATEWAY_API_KEY or mailbox secrets.
Do not invent send capability.
If sync fails, report the error and stop dependent steps.
Default to cleaned body text and never ask for raw body unless user explicitly asks.
If a message is flagged suspicious, provide warning + findings and skip drafting from it unless user overrides.
If importance criteria are missing, ask for criteria before scoring.

Additional resources

API details: api-reference.md
Importance rubric template: prompts/importance-classifier.md
Draft writing template: prompts/drafting-style.md
Monitoring script scaffold: scripts/check_new_messages.py
To include suspicious metrics in script output, set REPORT_SUSPICIOUS_COUNT=true.

安全使用建议

This skill appears coherent for connecting to a self-hosted ai-email-gateway. Before installing: (1) make sure GATEWAY_BASE_URL points to a gateway you control/trust; do not point it at unknown third-party servers. (2) Store the GATEWAY_API_KEY securely and avoid pasting it into logs—the helper script sends the key in Authorization headers but will not intentionally print the key. (3) Be aware the included script prints JSON to stdout and, as written, requests include_body=True (it may expose message bodies in agent outputs or logs); if you want to reduce data exposure, set include_body=false or avoid running the script. (4) The state file (.agent_state_email.json) lives in the working directory and contains seen message ids and timestamps—move it if that is a concern. (5) Confirm you want the agent to be able to read message text before enabling autonomous invocations. If you want extra assurance, review the gateway server code at the linked repo and run the gateway in a network-isolated environment.

功能分析

Type: OpenClaw Skill Name: a-safer-email-assistant Version: 1.0.1 The skill bundle provides a legitimate interface for an AI agent to interact with a self-hosted email gateway API for triaging messages and creating drafts. The Python helper script (scripts/check_new_messages.py) uses standard libraries to perform authenticated API requests to a user-defined endpoint, and the instructions in SKILL.md include explicit safety constraints, such as prohibiting direct email sending and requiring user overrides for messages flagged as suspicious by the gateway.

能力评估

✓ Purpose & Capability

Name/description match the requested env vars (GATEWAY_BASE_URL, GATEWAY_API_KEY, ACCOUNT_ID) and included scripts operate only against the configured gateway API endpoints (/sync, /jobs, /messages:list, /messages:thread, /drafts). No unrelated cloud keys or system-level credentials are requested.

ℹ Instruction Scope

SKILL.md and the script stay within the gateway API and local state file. One inconsistency: SKILL.md emphasizes defaulting to 'cleaned body text' and avoiding raw bodies, but scripts/check_new_messages.py calls messages:list with include_body=True by default (i.e., it will fetch message bodies). This can surface message content to stdout/agent logs—consider making include_body default to false unless explicitly requested.

✓ Install Mechanism

Instruction-only skill with no install spec; one small Python helper script is included. No downloads, package installs, or archive extraction are present.

✓ Credentials

Required env vars are limited to the gateway base URL, API key, and account id(s) which are appropriate for a self-hosted gateway integration. No unrelated SECRET/TOKEN variables or system config paths are requested.

✓ Persistence & Privilege

always:false (default). The skill writes a local state file (.agent_state_email.json by default) that contains only polling metadata (last_checked_at, seen_ids). This is proportional to its polling/sync function; it does not modify other skills or system-wide configs.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install a-safer-email-assistant
安装完成后，直接呼叫该 Skill 的名称或使用 /a-safer-email-assistant 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.1

- Updated metadata and manifest fields for clarity, multi-account support, and improved platform integration. - Added explicit safety handling for suspicious messages; such messages are blocked by default, with user override required. - Improved draft reasoning workflow to use message threads and minimize cross-thread data exposure. - Added support for optional multi-account environment variables and state file overrides. - Enhanced safety constraints on raw body access and output filtering. - Expanded documentation on endpoints, storage, and configuration.

v1.0.0

- Initial release of the a-safer-email-assistant skill. - Supports secure, API-based email sync, detection of important new messages, correspondence/history Q&A, and reply draft creation—never sends email. - Enforces separation by requiring the gateway API to run on a different server from OpenClaw for enhanced inbox security. - Includes structured playbooks for sync, message triage, history summary, and drafting replies. - Provides clear workflow and output formatting guidelines for safe, auditable operation.

元数据

Slug a-safer-email-assistant

版本 1.0.1

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 2

常见问题