← 返回 Skills 市场
Email Approval Workflow
作者
stefanferreira
· GitHub ↗
· v1.0.0
· MIT-0
73
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install email-approval-workflow
功能描述
Draft external emails for human approval before sending. Use when communicating with external parties (support, competitions, businesses). Always draft first...
使用说明 (SKILL.md)
Email Approval Workflow
Purpose
Ensure all external communications are reviewed and approved by Stef before sending. Prevents miscommunication, maintains professional standards, and allows for strategic input.
When to Use This Workflow
Use for:
- Support tickets (Contabo, services, etc.)
- Competition entries
- Business inquiries
- Partnership discussions
- Any external communication
Do NOT use for:
- Internal agent communications
- System notifications
- Automated reports (unless specified)
Workflow Steps
Step 1: Draft Creation
# Create draft in drafts/ folder
mkdir -p /root/.openclaw/workspace/drafts/
cat > /root/.openclaw/workspace/drafts/{purpose}_draft.md \x3C\x3C 'EOF'
TO: [email protected]
FROM: Appropriate Agent \[email protected]>
CC: Stef Ferreira \[email protected]>
SUBJECT: Clear, descriptive subject
DATE: $(date +"%B %d, %Y")
[Professional email content]
Best regards,
[Agent Name]
[Organization]
[Email]
EOF
Step 2: Present for Approval
Present draft to Stef in current chat interface:
"Here's a draft email for [purpose]. Please review and approve:"
[Copy draft content]
Step 3: Await Approval
- Wait for explicit "approved" or "send it" confirmation
- If edits requested, update draft and resubmit
- Never send without explicit approval
Step 4: Send Email
# After approval, send using email system
cd /root/.openclaw/workspace && \
python3 email_manager.py send \
--to "[email protected]" \
--subject "Approved Subject" \
--body "$(cat /root/.openclaw/workspace/drafts/{purpose}_draft.md | tail -n +7)"
Step 5: Document
# Log sent email
echo "$(date -Iseconds)|{purpose}|{recipient}|SENT|APPROVED_BY_STEF" >> /root/.openclaw/workspace/email_log.csv
Draft Template
TO: [[email protected]]
FROM: [Agent Name] \x3C[[email protected]]>
CC: Stef Ferreira \[email protected]>
SUBJECT: [Clear, descriptive subject]
DATE: [Month Day, Year]
[Professional greeting],
[Clear, concise message with:
1. Purpose/context
2. Specific request/information
3. Supporting details
4. Call to action
5. Appreciation]
[Professional closing],
[Agent Name]
[Organization/Role]
[Contact email]
Approval Triggers
Stef must explicitly say one of:
- "Approved"
- "Send it"
- "Go ahead"
- "Yes, send that"
NOT approved by:
- "Looks good" (needs explicit send instruction)
- "OK" (ambiguous)
- Silence (never assume approval)
Examples
Example 1: Support Ticket Follow-up
TO: [email protected]
FROM: Ace \[email protected]>
CC: Stef Ferreira \[email protected]>
SUBJECT: Re: [#16240135688]: Network issues on our VPS
DATE: March 31, 2026
Dear Svitlana,
Thank you for your prompt response. To help us plan, could you provide:
1. Estimated timeline for resolution?
2. Will you provide proactive updates?
3. Any specific workarounds we should implement?
Current status: DNS workaround working, intermittent connectivity continues.
Thank you for your assistance.
Best regards,
Ace
Supply Store Africa
[email protected]
Example 2: Competition Entry
TO: [email protected]
FROM: Ace \[email protected]>
CC: Stef Ferreira \[email protected]>
SUBJECT: Entry: [Competition Name]
DATE: March 31, 2026
Dear Competition Team,
Please accept my entry for the [Competition Name].
[Required entry details]
Thank you for this opportunity.
Best regards,
Ace
Supply Store Africa
[email protected]
Error Handling
If email fails to send:
- Check network connectivity
- Verify email credentials
- Try alternative SMTP if configured
- Report failure to Stef with error details
If no response to approval request:
- Wait minimum 1 hour
- Send polite follow-up: "Just checking if you had a chance to review the draft?"
- Never send without approval
Integration with Agents
Ace (Competitions Agent)
- Uses this workflow for all competition entries
- Maintains draft folder:
/root/.openclaw/workspace/agents/ace/drafts/
Lourens (SysAdmin)
- Uses for support tickets, infrastructure communications
- Maintains audit trail of all sent emails
Facet (CAD Specialist)
- May use for technical inquiries with manufacturers/suppliers
Audit Trail
All emails tracked in:
/root/.openclaw/workspace/email_log.csv- Individual agent logs
- Email system sent items
Related Skills
gmail-gog-setup- Email system configurationsecure-secret-sharing- For sharing draft links if neededtelegram-multi-bot- For approval notifications via Telegram
安全使用建议
This skill appears to do what it says: draft emails, require explicit approval, then send and log them. Before installing, verify: 1) the agent runs with permission to write to the specified /root/.openclaw workspace or adjust paths to a less privileged location; 2) an email sender (email_manager.py or equivalent) exists and its credentials are configured securely (don’t hardcode SMTP credentials in world-readable files); 3) you are comfortable with every external message being CC'd to the named personal Gmail address (privacy/PII concern) — change or remove that if inappropriate; 4) the workflow’s reliance on an explicit textual approval is enforced in the agent implementation (don’t allow ambiguous replies like “looks good” to be treated as approval). If any of these are unclear, request the missing implementation details or modify the SKILL.md to use safer paths and to document how email credentials are provided and protected.
功能分析
Type: OpenClaw Skill
Name: email-approval-workflow
Version: 1.0.0
The skill defines an email approval workflow but contains a shell injection vulnerability in SKILL.md. The instructions direct the agent to use a placeholder `{purpose}` directly in shell commands (e.g., mkdir, cat, and python execution) without sanitization, which could lead to arbitrary command execution or data exfiltration if the agent processes untrusted input for the purpose field. While the workflow includes a human-in-the-loop safety check for sending emails, the underlying command construction is flawed.
能力评估
Purpose & Capability
Name and description match the runtime instructions: create drafts, present for human approval, then send and log after explicit approval. The hard-coded requirement to CC a specific person (Stef) and the use of specific workspace paths (/root/.openclaw/...) are design choices that align with the stated goal but should be confirmed by the user.
Instruction Scope
All instructions stay within the email-approval workflow: they create draft files, show drafts to a human for approval, then call a local email sender (python3 email_manager.py send) and append an audit line to an email_log.csv. These steps reference specific absolute paths (including /root) and a local script (email_manager.py) that is not included — the agent will need permission to write those paths and a working email-sender available. The SKILL.md also hardcodes Stef's personal Gmail in CC which has privacy/PII implications.
Install Mechanism
Instruction-only skill with no install steps and no third-party packages or downloads. This is the lowest install risk.
Credentials
The skill declares no environment variables or credentials. However, sending email (email_manager.py) will require email credentials or SMTP configuration at runtime; those credentials are not requested or described here. Confirm where email credentials are stored and that they are supplied securely and minimally (only what the mailer needs).
Persistence & Privilege
The skill does not request elevated platform privileges and is not marked always:true. It writes to /root/.openclaw/workspace/ and an email_log CSV within the workspace — reasonable for an audit trail, but verify the agent's filesystem permissions and that writing under /root is acceptable.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install email-approval-workflow - 安装完成后,直接呼叫该 Skill 的名称或使用
/email-approval-workflow触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of the email-approval-workflow skill, introducing a structured process for drafting, reviewing, and sending external emails.
- Requires all external communications to be drafted and explicitly approved by Stef before sending.
- Provides step-by-step workflow: draft creation, approval request, explicit approval, sending, and logging.
- Includes templates, approval triggers, error handling steps, and integration guidance for different agents.
- All actions are logged for auditability and compliance.
元数据
常见问题
Email Approval Workflow 是什么?
Draft external emails for human approval before sending. Use when communicating with external parties (support, competitions, businesses). Always draft first... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 73 次。
如何安装 Email Approval Workflow?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install email-approval-workflow」即可一键安装,无需额外配置。
Email Approval Workflow 是免费的吗?
是的,Email Approval Workflow 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Email Approval Workflow 支持哪些平台?
Email Approval Workflow 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Email Approval Workflow?
由 stefanferreira(@stefanferreira)开发并维护,当前版本 v1.0.0。
推荐 Skills