← 返回 Skills 市场
outlook-mail-reader
作者
Xuanwu Yun
· GitHub ↗
· v1.0.0
· MIT-0
86
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install outlook-mail-reader
功能描述
通过 MCP chrome-devtools 协议控制用户本地 Chrome 浏览器,查询 Outlook 邮件。支持按日期跳转、筛选、搜索邮件。使用前提:用户已在 Chrome 中开启远程调试(127.0.0.1:9222 或 18800),且 OpenClaw 已配置 chrome-devtools-mcp...
安全使用建议
This skill can legitimately control your browser to read Outlook, but it requires two sensitive actions: enabling Chrome remote debugging (127.0.0.1:9222) and adding an OpenClaw gateway entry that runs 'npx chrome-devtools-mcp@latest'. Those steps give whatever runs via MCP broad, persistent access to all browser tabs and content and will dynamically fetch code from npm. Before installing: back up ~/.openclaw/openclaw.json; prefer pinning a specific, reviewed package version instead of '@latest'; inspect the chrome-devtools-mcp package source yourself (or run npx manually in an isolated environment first); close any sensitive tabs and cookies; consider using Microsoft Graph API or an official Outlook integration instead of remote-driving a browser; and only enable the MCP/gateway entry while you actively need this skill and remove it afterward. If you are uncomfortable auditing the npm package or editing your gateway config, do not enable this skill.
功能分析
Type: OpenClaw Skill
Name: outlook-mail-reader
Version: 1.0.0
The skill requires the user to enable Chrome remote debugging and modify the OpenClaw configuration to execute an external package via 'npx', which are high-risk operations that could be leveraged for browser hijacking. While these actions are aligned with the stated purpose of reading Outlook emails via the Chrome DevTools protocol, the skill inherently requests broad access to sensitive personal data and system configuration. The instructions in SKILL.md guide the agent through these high-privilege interactions without evidence of intentional malice, but the security trade-offs are significant.
能力评估
Purpose & Capability
The skill's stated purpose—controlling a local Chrome DevTools connection to read Outlook mail—matches the instructions and tool calls (chrome-devtools__* and browser actions). However the SKILL.md requires adding an MCP server entry that runs 'npx chrome-devtools-mcp@latest' inside the OpenClaw gateway config, which is not strictly part of reading mail but is required to enable the MCP plumbing. That requirement is explainable but notable.
Instruction Scope
Instructions ask the user to edit the global OpenClaw config (~/.openclaw/openclaw.json) to add the 'mcp' section and to enable Chrome remote debugging. Modifying agent/gateway config and enabling 127.0.0.1:9222 gives the skill (and any code that is connected) the ability to inspect and interact with all open browser tabs and page content — much broader than 'only Outlook'. The runtime steps instruct reading snapshots and clicking/filling any page elements, which could be used to access or exfiltrate other sensitive pages if present.
Install Mechanism
There is no formal install spec in the registry, but the documentation explicitly tells the user to configure OpenClaw to run 'npx chrome-devtools-mcp@latest --autoConnect'. That causes dynamic fetching and execution of the latest package from the npm registry each time or when the gateway starts — a supply-chain risk. The skill does not recommend pinning a version or verifying the package, increasing risk.
Credentials
The skill requests no environment variables or credentials, which sounds safe, but enabling Chrome remote debugging and adding the MCP entry effectively grants the skill access to the user's local browser state (all tabs, DOM, possibly cookies, and other sensitive data). That level of access is substantially broader than 'read Outlook mail' and is not constrained by the instructions.
Persistence & Privilege
While always:false and the skill is user-invocable, the required manual change to OpenClaw's global config is a persistent modification that affects the gateway and could enable other skills or components to connect to the browser. The SKILL.md warns not to modify other fields, but adding the mcp entry still grants ongoing capability until removed — a persistent privilege with platform-wide implications.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install outlook-mail-reader - 安装完成后,直接呼叫该 Skill 的名称或使用
/outlook-mail-reader触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Initial release of the Outlook mail reader skill via MCP Chrome DevTools.
- Allows querying, filtering, date jumping, and searching Outlook emails using controlled local Chrome.
- Provides detailed user setup steps and tool switching guidance based on connection/status.
- Supports robust date navigation in Outlook mail using the "Jump to" feature with proper formatting.
- Includes troubleshooting tips and best practices for stable and effective usage.
元数据
常见问题
outlook-mail-reader 是什么?
通过 MCP chrome-devtools 协议控制用户本地 Chrome 浏览器,查询 Outlook 邮件。支持按日期跳转、筛选、搜索邮件。使用前提:用户已在 Chrome 中开启远程调试(127.0.0.1:9222 或 18800),且 OpenClaw 已配置 chrome-devtools-mcp... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 86 次。
如何安装 outlook-mail-reader?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install outlook-mail-reader」即可一键安装,无需额外配置。
outlook-mail-reader 是免费的吗?
是的,outlook-mail-reader 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
outlook-mail-reader 支持哪些平台?
outlook-mail-reader 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 outlook-mail-reader?
由 Xuanwu Yun(@yuyun2000)开发并维护,当前版本 v1.0.0。
推荐 Skills