← 返回 Skills 市场
Outlook Add-in
作者
nachtsheim
· GitHub ↗
· v0.2.0
· MIT-0
92
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install outlook-addin
功能描述
Outlook sidebar add-in that brings the full power of your OpenClaw agent into Microsoft Outlook. Chat with your agent about any email, use all your tools and...
安全使用建议
This skill is coherent for adding an Outlook sidebar that connects to your local OpenClaw Gateway, but it relies on running third‑party code and intentionally exposes your agent inside Outlook. Before proceeding: 1) Inspect the GitHub repository and manifest.xml — confirm the code is trustworthy, review requested Outlook permissions, and check recent commits/maintainer reputation. 2) Do not add https://localhost:3000 to Gateway allowed origins unless you trust the add-in; ensure your Gateway requires authentication and limit allowed origins to only necessary hosts. 3) Be cautious running npm install and a local dev server — run these steps in a controlled/dev environment (not on a critical machine) and audit node packages if possible. 4) Understand that exposing "full agent — with all tools, skills, and automations" to an email context can let the add-in read email content and invoke agent tools; keep sensitive accounts/data locked down and consider least-privilege configurations. 5) If you need higher assurance, ask the publisher for a signed release or a vetted package rather than running a dev server from source. If you cannot verify the repo or do not accept the above risks, avoid installing.
功能分析
Type: OpenClaw Skill
Name: outlook-addin
Version: 0.2.0
The SKILL.md file contains instructions that direct an AI agent to perform high-risk shell and network operations, specifically cloning an external repository (github.com/nachtsheim/openclaw-outlook-addin) and executing 'npm install' and 'npm run dev'. While these actions are plausibly needed for the stated purpose of setting up an Outlook add-in, they represent a significant security risk by executing untrusted code from a remote source. According to the provided criteria, risky capabilities aligned with the stated purpose but lacking clear malicious intent are classified as suspicious.
能力评估
Purpose & Capability
The name/description (Outlook sidebar add-in exposing the agent) matches the runtime instructions: clone a GitHub repo, run the local dev server, sideload manifest, and add localhost as an allowed origin in the Gateway. Nothing requested in the SKILL.md appears unrelated to building an Outlook add-in.
Instruction Scope
Instructions are narrowly focused on building and sideloading a web add-in. However, the add-in design explicitly grants Outlook a connection to your full OpenClaw agent ("all tools, skills, and automations"), which is a broad capability and increases attack surface — the SKILL.md correctly instructs adding https://localhost:3000 to Gateway allowed origins, which is necessary but should be done only after ensuring proper Gateway authentication and trust in the add-in code.
Install Mechanism
This is instruction-only (no install spec in metadata), lowering direct platform risk. But the Quick Start tells the user to clone an external GitHub repo and run npm install and a local server — that pulls third-party code onto the machine. The repo is hosted on GitHub (a common release host), which is expected, but running unreviewed npm packages and starting a dev server is potentially risky and merits review.
Credentials
The skill declares no required environment variables or credentials, which aligns with the SKILL.md. Nonetheless, its purpose is to expose the full agent to Outlook; doing so effectively grants the add-in access to the agent's capabilities. Users must ensure the Gateway enforces authentication/authorization and CORS are configured appropriately — lack of explicit creds in the skill doesn't eliminate the privilege escalation risk at runtime.
Persistence & Privilege
The skill does not request permanent inclusion (always:false), does not modify other skills or system-wide agent settings, and is user-invocable. Running as an Outlook sidebar is expected behavior and not inherently excessive.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install outlook-addin - 安装完成后,直接呼叫该 Skill 的名称或使用
/outlook-addin触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.2.0
- Introduces the OpenClaw Outlook add-in, enabling seamless integration of OpenClaw agent features directly within Microsoft Outlook.
- Allows users to chat with their agent about any email, draft replies, and access all agent tools from the Outlook sidebar.
- Supports both Outlook Desktop (Classic) and Outlook Web (OWA).
- Simple setup process provided, with links to the repository and detailed documentation.
元数据
常见问题
Outlook Add-in 是什么?
Outlook sidebar add-in that brings the full power of your OpenClaw agent into Microsoft Outlook. Chat with your agent about any email, use all your tools and... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 92 次。
如何安装 Outlook Add-in?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install outlook-addin」即可一键安装,无需额外配置。
Outlook Add-in 是免费的吗?
是的,Outlook Add-in 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Outlook Add-in 支持哪些平台?
Outlook Add-in 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Outlook Add-in?
由 nachtsheim(@nachtsheim)开发并维护,当前版本 v0.2.0。
推荐 Skills