TokenMail
Author: TokenForgeFit · GitHub ↗ · v1.0.0 · MIT-0
Total downloads: 111 · Favorites: 0 · Current installs: 0 · Versions: 1
Install in OpenClaw:
/install token-mail
Description
TokenMail skill for AI agent email communication using a Node.js CLI (no Python cryptography dependency). Optimized for sandbox usage with no mandatory npm i...
Security recommendations
What to consider before installing/using this skill:
- The CLI and SKILL.md are consistent with the TokenMail purpose: it signs messages with private keys and talks to a TokenMail server (default https://tokenforge.fit/api). That part is coherent.
- Major concern: if no local ethers module is present, the CLI fetches ethers from a remote CDN (jsDelivr) at runtime and executes it with vm.runInNewContext. Whatever bytes the CDN returns get executed, so this is remote code execution by design and a supply-chain risk: the fetched script could be altered by an attacker or a compromised CDN, and Node's vm module is explicitly not a security boundary, so a malicious bundle is not contained. If you want to use this skill, prefer one of these mitigations:
- Vendor or install the ethers dependency locally (run npm i ethers in a controlled environment, with a lockfile) so the fallback is never used.
- Pin ETHERS_UMD_URL to a vetted, version-pinned URL and verify the downloaded file's SHA-256 against a digest you computed from a vetted copy before executing it; a version tag in the URL alone does not stop a compromised CDN from serving different bytes.
- Run the skill in an isolated sandbox/container that cannot reach sensitive files or network resources.
- Secret handling: the skill accepts private keys/mnemonics on the command line or via env vars (TOKENMAIL_PRIVATE_KEY / TOKENMAIL_MNEMONIC) and may persist keys to ~/.tokenmail when using the keystore. Command-line arguments are visible in process listings and shell history, so prefer the env vars or the keystore over passing a key as an argument. Do not supply long-term keys or mnemonics unless you trust the code and the API endpoint; prefer ephemeral keys for sandbox runs.
- Endpoint trust: default API is tokenforge.fit. If you do not trust that server, override --api-url to point to an audited/approved server or avoid network operations.
- Source provenance: the registry metadata lists no homepage and the owner ID is not human‑readable; consider this a lower provenance signal. If you rely on this skill for anything sensitive, request the author to publish a verifiable repository or perform an independent code review.
Bottom line: functionally coherent, but the runtime CDN fetch + remote execution is a notable supply‑chain risk — treat this skill as suspicious unless you pin/verify the ethers dependency or run the CLI with a preinstalled ethers package in an isolated environment.
Functional analysis
Type: OpenClaw Skill
Name: token-mail
Version: 1.0.0
The skill implements a messaging client that manages sensitive cryptographic keys (private keys and mnemonics) for the 'TokenMail' service. A significant security risk exists in `scripts/tokenmail_cli.js`, which dynamically downloads and executes the `ethers` library from a public CDN (jsdelivr.net) using `vm.runInNewContext` if the local module is not found. Furthermore, the script stores these sensitive credentials in unencrypted plain-text JSON files within the user's home directory (`~/.tokenmail`). While these features are framed as 'sandbox-friendly' optimizations, they introduce high-risk vulnerabilities including potential Remote Code Execution (RCE) and insecure credential handling.
Capability assessment
Purpose & Capability
The code implements an email/messaging client that signs requests with private keys and communicates with a TokenMail API (default https://tokenforge.fit/api). That behaviour matches the skill description. It optionally stores agent files under a keystore in the user's home directory (~/.tokenmail) — reasonable for a CLI but worth noting because the skill will write/read secret key material there when run in writable mode.
Instruction Scope
SKILL.md instructions and the CLI are mostly scoped to the TokenMail use cases (ensure/import/list/send/inbox/alias). The skill encourages generating/using mnemonics or private keys and may instruct printing/saving temporary private keys; network calls go only to the configured API URL and (optionally) to a CDN for ethers. It does not appear to read unrelated system files, but it will read/write the keystore path and will read environment vars TOKENMAIL_PRIVATE_KEY and TOKENMAIL_MNEMONIC if present (these env vars are optional).
Install Mechanism
There is no install spec, but the runtime fallback fetches ethers from a remote CDN (https://cdn.jsdelivr.net/npm/[email protected]/dist/ethers.umd.min.js) and executes it inside vm.runInNewContext. That is remote code execution at runtime and a supply-chain risk: if the CDN or that package is compromised, the skill's behaviour can change arbitrarily, and vm.runInNewContext only separates globals from the host; the Node documentation states that the vm module is not a security mechanism. jsDelivr is a widely used CDN, but fetching and executing external code at runtime is higher risk than requiring a local, lockfile-pinned dependency.
Credentials
The skill does not require unrelated credentials; it legitimately uses private keys/mnemonics for signing. It will optionally read TOKENMAIL_PRIVATE_KEY and TOKENMAIL_MNEMONIC and uses a default keystore under the user's home directory. Those privileges are proportional to its purpose, but handling of secret key material warrants caution (avoid providing long‑term secrets in untrusted contexts).
Persistence & Privilege
The skill is not set to always:true and does not attempt to modify other skills or global agent settings. It can write agents to a keystore under the user's home directory if used in writable mode; this is normal for a CLI that manages keys.
How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install token-mail
- Once installed, invoke the skill by name or trigger it with /token-mail
- Provide the inputs required by the skill's parameter documentation to receive structured output
Version history
v1.0.0
TokenMail skill initial release—sandbox-friendly Node.js CLI for agent email without Python cryptography.
- No mandatory npm install or local file writes; works seamlessly in restricted environments.
- Supports agent messaging and external email (Gmail/Outlook) without password requirements.
- Flexible identity management with temporary private key fallback and clear user guidance.
- CLI entry via scripts/tokenmail_cli.js; runs on Bash, PowerShell, or CMD.
- Optimized for speed, security, and minimal dependencies.
FAQ
What is TokenMail?
TokenMail skill for AI agent email communication using a Node.js CLI (no Python cryptography dependency). Optimized for sandbox usage with no mandatory npm i... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 111 downloads to date.
How do I install TokenMail?
Run the command "/install token-mail" in the OpenClaw or Claude Code chat box to install it in one step; no extra configuration is required.
Is TokenMail free?
Yes, TokenMail is completely free and licensed under MIT-0; it can be downloaded, installed and used without restriction.
Which platforms does TokenMail support?
TokenMail is cross-platform and runs in any environment where OpenClaw / Claude Code is deployed.
Who develops TokenMail?
Developed and maintained by TokenForgeFit (@tokenforgefit); current version v1.0.0.