← 返回 Skills 市场
Unified Mailbox Ai
作者
L1TangDingZhen
· GitHub ↗
· v1.1.0
· MIT-0
182
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install unified-mailbox-ai
功能描述
Unified mailbox AI for both Outlook and Gmail. Checks unread emails, summarizes new mail with AI, detects meeting invitations, checks calendar conflicts on b...
安全使用建议
This skill appears to do what it claims, but there are a few security-relevant tradeoffs to consider before installing:
- Tokens & config: The Python code reads the MSAL token cache (~/.openclaw/ms_tokens.json) and writes a refreshed MS_GRAPH_ACCESS_TOKEN into ~/.openclaw/openclaw.json. That central config file will contain an access token which other local skills or processes that can read that file could use. If you have strict token control requirements, keep an eye on file permissions or avoid writing tokens into shared configs.
- Gmail keyring handling: The recommended setup uses GOG_KEYRING_PASSWORD="" and a file-based keyring for non-interactive use. That reduces friction for cron jobs but weakens local credential protection. Consider whether the tradeoff is acceptable for your environment.
- Cron & shell injection surface: The installer offers to append exports to ~/.bashrc and install a cron line. Only agree to those steps if you trust the repository and the paths shown; inspect the cron line and .bashrc additions before accepting.
- Least privilege: The skill requests broad mail/calendar scopes (Mail.ReadWrite, Calendars.ReadWrite). If you only need read-only notifications, consider adjusting scopes or using tokens with reduced permissions where possible.
- Operational hygiene: Run the script manually first (python3 ... check), verify outputs, and review the code locally. Ensure ~/.openclaw/openclaw.json and ~/.openclaw/notified_emails.json have appropriate filesystem permissions (restrict to your user). If you are uncertain about the upstream source, review the full repository on GitHub before installing.
If these tradeoffs are acceptable and you trust the source, the package is coherent for its purpose. If you have stricter security requirements, do not enable the installer’s automatic edits (openclaw.json, ~/.bashrc, crontab) until you have manually reviewed and adjusted them.
能力标签
能力评估
Purpose & Capability
Name/description match the implementation: Python script uses Microsoft Graph (msal + ms_tokens.json) for Outlook, the gog CLI for Gmail, and sends notifications to a Telegram chat ID (EMAIL_MONITOR_TELEGRAM_USER). Required binaries and env vars are coherent with the stated functionality.
Instruction Scope
SKILL.md and installer instruct the agent to read ms_tokens.json, modify ~/.openclaw/openclaw.json, call gog and outlook-graph scripts, and create cron entries. These actions are within the scope of an automated mailbox monitor, but notable security-relevant behaviors include: (1) the script updates openclaw.json with MS_GRAPH_ACCESS_TOKEN (persisting tokens to a global config); (2) the recommended cron setup uses an empty GOG_KEYRING_PASSWORD and exporting credentials in multiple places. These are expected for the skill but have privacy/operational implications the user should understand.
Install Mechanism
No remote downloads or opaque installers: the repository contains an installer script that copies files into ~/.openclaw, edits openclaw.json, optionally modifies ~/.bashrc and crontab, and can pip-install msal locally. This is a typical install pattern for user-local skills and does not pull arbitrary code at runtime.
Credentials
Requested env vars and files are proportional to function: EMAIL_MONITOR_TELEGRAM_USER (required) is needed to deliver notifications, EMAIL_MONITOR_GMAIL_ACCOUNT and MS_GRAPH_ACCESS_TOKEN (optional) are required for Gmail/Outlook. However, the script writes refreshed MS access tokens back into ~/.openclaw/openclaw.json which centralizes a sensitive token—this is convenient but elevates the blast radius if that file is accessible to other users or processes.
Persistence & Privilege
The installer can register the skill in the agent's skills list, append env exports to ~/.bashrc, and add a cron job — all with interactive prompts. The skill itself writes/reads files under ~/.openclaw (ms_tokens.json, openclaw.json, notified_emails.json). These behaviors are expected but grant the skill persistent presence and access to other OpenClaw configuration files, so users should verify file permissions and consent during installation.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install unified-mailbox-ai - 安装完成后,直接呼叫该 Skill 的名称或使用
/unified-mailbox-ai触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
Parallel Outlook/Gmail fetches, env-var based config, removed hardcoded personal data
v1.0.0
Initial release
元数据
常见问题
Unified Mailbox Ai 是什么?
Unified mailbox AI for both Outlook and Gmail. Checks unread emails, summarizes new mail with AI, detects meeting invitations, checks calendar conflicts on b... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 182 次。
如何安装 Unified Mailbox Ai?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install unified-mailbox-ai」即可一键安装,无需额外配置。
Unified Mailbox Ai 是免费的吗?
是的,Unified Mailbox Ai 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Unified Mailbox Ai 支持哪些平台?
Unified Mailbox Ai 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Unified Mailbox Ai?
由 L1TangDingZhen(@l1tangdingzhen)开发并维护,当前版本 v1.1.0。
推荐 Skills