← 返回 Skills 市场
ryanchan720

Email Bridge

作者 ryanchan720 · GitHub ↗ · v0.6.3 · MIT-0
cross-platform ⚠ suspicious
145
总下载
0
收藏
0
当前安装
11
版本数
在 OpenClaw 中安装
/install email-bridge
功能描述
Email management skill for AI assistants with real-time notifications, smart categorization (7 categories), verification code extraction, and HTML content sa...
使用说明 (SKILL.md)

Email Bridge Skill

Email management skill for OpenClaw. Provides real-time email monitoring with smart categorization and clean notifications for AI assistants.

Features

  • Real-time notifications: IMAP IDLE (QQ/NetEase) + polling (Gmail)
  • Smart categorization: 7 categories with subject-only classification
  • Verification code extraction: Context-aware, low false positive rate
  • HTML content sanitization: Clean text from HTML emails, remove invisible chars
  • Prompt injection protection: Safe email content for AI processing
  • Multi-provider support: Gmail (API), QQ Mail (IMAP), NetEase (IMAP)

Installation

cd skills/email-bridge
pip install -e .

Setup (Manual CLI Required)

⚠️ Security Note: Do NOT share authorization codes in chat. Configure accounts via CLI only.

# Add account (prompts for authorization code securely)
email-bridge accounts add [email protected] -p qq

# Sync emails
email-bridge sync

# Start daemon for real-time notifications
email-bridge daemon start -d

Getting Authorization Codes

QQ Mail: https://service.mail.qq.com/detail/0/75 (send SMS, get 16-char code)

NetEase (163/126): Settings → POP3/SMTP/IMAP → Enable → Get code

Gmail: Requires OAuth setup (see README.md)

Capabilities

  • Receive emails: Sync and read emails from configured accounts
  • Send emails: Send emails via SMTP
  • Real-time notifications: Push to OpenClaw via openclaw system event
  • Smart categorization: 7 categories with keyword-based classification
  • Verification code extraction: Context-aware extraction with low false positives
  • Link extraction: Extract action links from emails
  • HTML sanitization: Clean text extraction with invisible char removal
  • Prompt injection protection: Sanitize email content for safe AI processing

Email Categories

Subject-only classification for fast, reliable categorization:

Category Icon Description Example Keywords
verification 🔐 Verification codes, activation 验证码, OTP, activate, 绑定邮箱
security ⚠️ Security alerts, login warnings 安全提醒, security alert, 密码修改
transactional 📦 Orders, payments, shipping 订单确认, receipt, 发货通知
promotion 🎁 Marketing, promotions, rewards 奖励, 优惠, promo, discount
subscription 📰 Newsletters, digests newsletter, 订阅, weekly digest
spam_like 🚫 Suspected spam 中奖, FREE, click here now
normal Regular email (default)

Trigger Keywords

Chinese: 邮箱、邮件、发邮件、查看邮件、验证码、QQ邮箱、Gmail

English: email, mail, send email, check email, verification code

Common Commands

# List recent emails
email-bridge messages list -n 10

# Get verification codes from recent emails
email-bridge codes

# Send email
email-bridge send -a \x3Caccount_id> -t [email protected] -s "Subject" -b "Body"

# Daemon management
email-bridge daemon status
email-bridge daemon stop

Configuration

Configuration file: ~/.email-bridge/config.json

Default configuration (auto-generated, minimal):

{
  "daemon": {
    "poll_interval": 300,
    "notify_openclaw": true
  }
}

Full configuration with all options (customize as needed):

{
  "daemon": {
    "poll_interval": 300,
    "notify_openclaw": true,
    "notification": {
      "include_body": false,
      "body_max_length": 500,
      "include_verification_codes": true,
      "include_links": false
    }
  }
}

Notification Options

Option Default Description
include_body false Include email body preview in notifications
body_max_length 500 Max characters for body preview
include_verification_codes true Auto-extract and show verification codes
include_links false Include action links (verify/reset)

Notifications

When new emails arrive, the daemon sends formatted notifications:

📧 新邮件: [email protected]

1. 🔐 Google
   您的验证码
   ✨ 验证码: 123456

2. ⚠️ Microsoft
   登录提醒
   📝 We noticed a new sign-in...

3. 🎁 OKX
   150 USDT 奖励等您拿
   📝 亲爱的欧易用户,欧易诚邀您加入邀请好友计划...

HTML Content Processing

HTML-only emails are processed through:

  1. Tag stripping: Remove \x3Cstyle>, \x3Cscript>, and all HTML tags
  2. Entity decoding: Convert HTML entities to text
  3. Invisible char removal: Remove zero-width spaces, BOM, etc.
  4. Whitespace normalization: Clean up spacing
  5. Prompt injection protection: Remove dangerous patterns

Example: HTML with invisible chars → Clean readable text

Security Features

  • Subject-only classification: No body scanning for privacy
  • Context-aware code extraction: Only extract near verification keywords
  • Invisible char sanitization: Remove U+200B, U+FEFF, U+034F, etc.
  • Prompt injection protection: Filter dangerous instruction patterns
  • Address pattern exclusion: Don't extract numbers from addresses

Data Storage

All data stored locally at ~/.email-bridge/:

~/.email-bridge/
├── email_bridge.db    # SQLite database (accounts, messages)
├── config.json        # Configuration file
├── daemon.pid         # Daemon process ID
├── daemon.log         # Logs
└── gmail/
    ├── credentials.json  # OAuth credentials
    └── token_*.json      # OAuth tokens

⚠️ Credentials are stored unencrypted. Protect this directory.

Revoking Access

# Stop daemon
email-bridge daemon stop

# Remove all stored data
rm -rf ~/.email-bridge

# For Gmail: revoke at https://myaccount.google.com/permissions
# For QQ/NetEase: regenerate authorization codes in email settings

Dependencies

All from PyPI:

  • click >= 8.0
  • pydantic >= 2.0
  • imaplib2 >= 3.6
  • google-api-python-client >= 2.0 (Gmail only)
  • google-auth-oauthlib >= 1.0 (Gmail only)

Security Notes

  1. Never share authorization codes in chat - use CLI interactively
  2. Credentials stored unencrypted - protect ~/.email-bridge/ directory
  3. Email content is sanitized - prompt injection protection enabled
  4. Daemon runs with user privileges - no elevated access needed
  5. Subject-only classification - privacy-conscious processing

Changelog

v0.6.2

  • Add PROMOTION category for marketing emails (🎁 icon)
  • Add TRANSACTIONAL category for orders/shipping (📦 icon)
  • Expand keyword pools for all categories
  • Add invisible character sanitization (U+200B, U+FEFF, U+034F, etc.)
  • Improve HTML-to-text extraction
  • Update documentation (DESIGN.md, README.md)

v0.6.1

  • Add IDLE keepalive (60s timeout) for connection stability
  • Add sync retry mechanism (up to 3 retries)
  • Improve daemon reliability for flaky networks

v0.6.0

  • Smart notification format based on email category
  • Prompt injection protection with sanitize_for_notification()
  • HTML-to-text fallback for HTML-only emails
  • Subject-only classification for privacy
  • Context-aware verification code extraction
  • Category icons (🔐 ⚠️ 📦 🎁 📰 🚫)

v0.5.7

  • Initial ClawHub release
  • Gmail, QQ Mail, NetEase support
  • IMAP IDLE real-time notifications
  • Verification code extraction
  • Link extraction
安全使用建议
This package is internally consistent with an email-management tool, but take these precautions before installing: - Understand where secrets live: credentials and OAuth tokens are stored unencrypted under ~/.email-bridge/. Protect that directory (filesystem permissions, disk encryption). If you dislike plaintext tokens, do not install or run the daemon on untrusted machines. - Limit what the daemon sends to the agent: change config so notify_openclaw = false or set include_verification_codes = false and include_body = false if you don't want codes or body previews pushed to OpenClaw events by default. - Review install scripts (install.sh, pyproject.toml) locally before running pip install -e .; preferably install in a controlled virtualenv or container. - After testing, if you remove the skill, revoke OAuth tokens (Gmail) and delete ~/.email-bridge to remove cached tokens and saved passwords. - If you need higher assurance, inspect the repository files not fully shown here (truncated files) for any unexpected network endpoints or obfuscated code, and run the code in an isolated environment first. Confidence is medium because some files were truncated in the manifest; a quick scan of the remaining files for unexpected network calls or obfuscated behavior would raise confidence to high.
功能分析
Type: OpenClaw Skill Name: email-bridge Version: 0.6.3 The skill provides email management features including reading, sending, and extracting verification codes (OTPs) from Gmail, QQ, and NetEase accounts. While these features are aligned with its stated purpose, the automated extraction of sensitive security codes (implemented in email_bridge/extraction.py) and the unencrypted local storage of email authorization codes and OAuth tokens in ~/.email-bridge/ (documented in SKILL.md and handled in email_bridge/db.py) present significant security risks. Additionally, the background daemon (email_bridge/daemon.py) uses subprocess.run to interact with the OpenClaw system, which is a high-privilege capability. Although the code includes sanitization logic (email_bridge/sanitize.py) to mitigate prompt injection, the inherent risk of OTP handling and credential storage vulnerabilities warrants a suspicious classification.
能力评估
Purpose & Capability
Name/description (email management, notifications, code extraction) match the code and runtime instructions. Providers (Gmail/IMAP/QQ/NetEase) are implemented in adapters and the skill legitimately needs stored credentials/OAuth tokens and local DB. No unrelated services or env vars are requested.
Instruction Scope
Runtime instructions and code keep scope to email tasks (sync, daemon, notifications). However the daemon's default configuration (notify_openclaw: true and include_verification_codes: true) will push potentially sensitive verification codes and optional body previews into OpenClaw system events. The SKILL.md warns not to paste auth codes in chat but the default behavior will transmit extracted verification codes to the agent — this is a privacy/exposure risk even though it's consistent with the skill's purpose.
Install Mechanism
Registry contains no automated install spec, but the repo includes pyproject, install.sh, and 'pip install -e .' is the documented install. Installing from source via pip is expected for this project; review install.sh and pyproject before running. No remote arbitrary download URLs were present in the manifest, lowering install risk.
Credentials
The skill does not request platform environment variables, but it requires provider credentials (OAuth credentials for Gmail, IMAP/SMTP auth codes) which are appropriate for an email client. A notable issue: credentials and OAuth tokens are stored on disk under ~/.email-bridge unencrypted (explicitly documented). That is proportionate for operation but increases local risk if the machine is compromised.
Persistence & Privilege
The skill does not request 'always: true' and follows normal daemon behavior, writing only to its own config and DB under ~/.email-bridge. Autonomous invocation is enabled by default (normal). It does not modify other skills or system-wide agent settings.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install email-bridge
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /email-bridge 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.6.3
## v0.6.3 - Clarified default and full configuration options in documentation. - Updated README and SKILL metadata to match new configuration details. - No code logic changes; documentation improvements only.
v0.6.2
## v0.6.2 - Added PROMOTION (🎁) and TRANSACTIONAL (📦) categories with expanded keyword pools for smarter email categorization. - Enhanced HTML-to-text extraction and content sanitization, including removal of invisible Unicode characters (e.g., U+200B, U+FEFF). - Improved verification code extraction with better context awareness and reduced false positives. - Updated documentation and design details to reflect new features and changes.
v0.6.1
Fix HTML-to-text conversion, improve notification format
v0.6.0
**v0.6.0 introduces smart notifications, prompt injection protection, and advanced config options.** - Smart category-based notification formatting with icons and previews - Prompt injection protection: email content is sanitized before display - Automatic HTML-to-text fallback for emails without plain text - Configurable notification options via `config.json` - Added support for extraction of verification codes and action links in notifications - New files: notification settings, sanitization, test suite, and sample configuration
v0.5.7
Security fixes: - Remove conversational setup example from README - Clarify that notifications only send metadata (sender, subject) - Verified daemon code does NOT send email body or attachments - Add CLI-only configuration instructions
v0.5.6
Security improvements: - Remove conversational setup path entirely - Require manual CLI configuration only - Add homepage and source links to metadata - Fix version mismatch (__init__.py now 0.5.6) - Clarify notifications send only metadata (sender/subject) - Note credentials stored unencrypted
v0.5.5
Security improvements: - Recommend manual CLI config as primary method - Mark conversational setup as less secure alternative - Add instructions for revoking access - Clarify that chat history may retain messages - Note that email metadata surfaces to OpenClaw platform
v0.5.4
Address review feedback: - Include all referenced files (pyproject.toml, references/, README.md, email_bridge/) - Fix installation path in SKILL.md - Add security notes about credential handling - Document dependencies
v0.5.3
Switch SKILL.md to English for international users
v0.5.2
首个发布版本
v0.5.0
email-bridge v0.5.0 - 新增对 Gmail、QQ邮箱、网易邮箱(163/126)的收发邮件、验证码/操作链接提取、实时通知等功能说明 - 增加对话式账号配置说明与常见对话示例,降低上手门槛 - 文档梳理:详细补充了安装流程、能力说明、命令格式和文件结构指导 - 显著优化中英文触发关键词,支持自然语言操作 - 明确数据存储与安全注意事项
元数据
Slug email-bridge
版本 0.6.3
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 11
常见问题

Email Bridge 是什么?

Email management skill for AI assistants with real-time notifications, smart categorization (7 categories), verification code extraction, and HTML content sa... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 145 次。

如何安装 Email Bridge?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install email-bridge」即可一键安装,无需额外配置。

Email Bridge 是免费的吗?

是的,Email Bridge 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Email Bridge 支持哪些平台?

Email Bridge 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Email Bridge?

由 ryanchan720(@ryanchan720)开发并维护,当前版本 v0.6.3。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论