← 返回 Skills 市场
stevenobiajulu

Outlook Email

作者 Steven Obiajulu · GitHub ↗ · v0.1.7 · MIT-0
cross-platform ⚠ suspicious
118
总下载
0
收藏
0
当前安装
8
版本数
在 OpenClaw 中安装
/install outlook-email-management
功能描述
Manage Outlook and Microsoft 365 email with AI agents — triage inbox by sender trust, draft replies with tone matching, organize folders, create inbox rules,...
安全使用建议
This skill looks like what it says: a set of Graph API patterns for managing Outlook mail. Before installing or granting consent: (1) prefer using the referenced runtime (email-agent-mcp) or another runtime that enforces the 'draft-first' + send-allowlist model, (2) grant the minimal Graph scopes needed — avoid Mail.Send and MailboxSettings.ReadWrite unless necessary, (3) verify the OAuth client/app ID and token storage (use OS keychain or secure storage), (4) consider testing against a non-production mailbox, and (5) if your platform allows autonomous invocation, restrict or require user confirmation for any send or rule-modifying action.
功能分析
Type: OpenClaw Skill Name: outlook-email-management Version: 0.1.7 The skill requests high-impact Microsoft Graph OAuth scopes, including Mail.Send and MailboxSettings.ReadWrite, which present significant risks for email exfiltration and unauthorized sending. While SKILL.md and references/outlook-graph-patterns.md provide extensive safety guidance and advocate for a 'draft-first' workflow, the instructions empower an AI agent to perform sensitive mailbox operations. The inherent risk of these capabilities, despite the documented mitigations and reliance on an external reference runtime (email-agent-mcp) for enforcement, justifies a suspicious classification.
能力标签
cryptocan-make-purchasesrequires-oauth-token
能力评估
Purpose & Capability
Name/description and the declared Microsoft Graph OAuth scopes (Mail.Read, Mail.ReadWrite, Mail.Send, MailboxSettings.ReadWrite, User.Read, offline_access) align with an email management skill; there are no unrelated binaries, environment variables, or config paths requested.
Instruction Scope
The SKILL.md instructs only Graph API interactions (listing, drafting, sending, managing folders/rules, attachments) and explicitly warns that safety guardrails are provided by the reference runtime. It does not instruct the agent to read unrelated files or exfiltrate data to hidden endpoints.
Install Mechanism
No install spec and no code files — the skill is instruction-only, so nothing is written to disk by the package itself (lowest install risk).
Credentials
The skill declares only optional environment variables, but it legitimately requires high-impact Graph scopes for full functionality. Those scopes are proportionate to the stated capabilities, but they are sensitive (Mail.Send and MailboxSettings.ReadWrite can send mail or create forwarding rules), so consent should be limited to the least-privilege scopes you actually need.
Persistence & Privilege
The skill is not always-enabled and has no install artifacts. However, platform-level autonomous invocation plus granted write scopes would increase risk if the runtime does not implement draft-first and send-allowlist protections; the SKILL.md correctly points out that the instruction-only skill cannot enforce those protections itself.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install outlook-email-management
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /outlook-email-management 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.1.7
Apply Trust Boundary preemptive disclosure technique that achieved Benign on email-cleanup v0.1.4 and docx-editing. Add a 'Trust Boundary: What This Skill Can and Cannot Enforce' section between Safety Model and Authentication & Required Scopes. Explicitly acknowledge instruction-only nature, high-risk scopes (Mail.Send, MailboxSettings.ReadWrite), runtime-dependent enforcement, and autonomous-invocation risk. Mirror scanner's own 6-point pre-install checklist as actionable guidance with source file citations.
v0.1.6
Revert experimental metadata.openclaw fields. Schema limitation: ClawHub's env/primaryEnv fields are designed for API-key credentials and cannot represent OAuth delegated tokens, so any declaration attempt creates a new inconsistency. Keep homepage field, full Authentication section in body, and honest optional env var declarations. Accept residual scanner NOTE rating as a known limitation for OAuth-based skills (gmail-secretary has the same pattern).
v0.1.5
Align metadata.openclaw.requires.env and SKILL.md body on AGENT_EMAIL_SEND_ALLOWLIST as required primary env credential (both say required now — no inconsistency). Set primaryEnv to AGENT_EMAIL_SEND_ALLOWLIST to populate primary credential registry field. The allowlist is legitimately required for any production send deployment: default is empty, which blocks all sends.
v0.1.4
Remove metadata.openclaw.requires.env list (treated as REQUIRED by parser, but our env vars are all optional — was creating a new mismatch with SKILL.md body). Keep homepage and full Authentication section; let the LLM scanner read env var details from the body rather than the registry summary.
v0.1.3
Move credential/env declarations into metadata.openclaw.requires namespace (the ClawHub-parsed schema); add homepage field pointing to reference runtime repo; add primaryCredential declaration; keep existing Authentication section in body for LLM scanner context
v0.1.2
Address ClawHub security scan feedback: declare Microsoft Graph OAuth scopes (delegated, MSAL device code flow) in requires block; list reference runtime's actual scope set (Mail.Read/ReadWrite/Send, MailboxSettings.ReadWrite, User.Read, offline_access) verifiable in auth.ts:14; add Authentication & Required Scopes section with risk mapping table and layered draft-first enforcement model citing concrete runtime guardrails (BLOCKED_ACTIONS in rules.ts:39, delete_email gated in label.ts); declare optional env vars (AGENT_EMAIL_CLIENT_ID, AGENT_EMAIL_SEND_ALLOWLIST, EMAIL_AGENT_MCP_HOME); explicitly mark calendar integration out of scope; fix local frontmatter version desync
v0.1.1
Fix crosslink slugs to match published ClawHub names
v0.1.0
Initial release: umbrella email management skill with bilingual subtitles, triage, drafting, cleanup, heartbeat, and Graph API patterns
元数据
Slug outlook-email-management
版本 0.1.7
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 8
常见问题

Outlook Email 是什么?

Manage Outlook and Microsoft 365 email with AI agents — triage inbox by sender trust, draft replies with tone matching, organize folders, create inbox rules,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 118 次。

如何安装 Outlook Email?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install outlook-email-management」即可一键安装,无需额外配置。

Outlook Email 是免费的吗?

是的,Outlook Email 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Outlook Email 支持哪些平台?

Outlook Email 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Outlook Email?

由 Steven Obiajulu(@stevenobiajulu)开发并维护,当前版本 v0.1.7。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 留言讨论