OpenClaw: benign
VirusTotal: benign
StaticScan: unknown
OpenClaw: benign
The skill's code, documentation, and runtime instructions are consistent with an email-security tool and do not request unrelated credentials or installers.
VirusTotal: benign VT 报告
静态扫描: unknown
README 未提供
无文件信息
{
"latestVersion": {
"_creationTime": 1770576621482,
"_id": "k974pyp7babnhb5b0gyb571zpd80sw50",
"changelog": "# 🛡️ Email Security Skill (v1.0.0)\n\n**Protect your AI agent from email-based attacks including prompt injection, sender spoofing, malicious attachments, and social engineering.**\n\nThis unified skill provides a comprehensive security layer for any agent handling email, supporting Gmail, AgentMail, Proton, and generic IMAP\/SMTP providers.\n\n## 🚀 Key Features\n\n* **🚫 Prompt Injection Defense**: Automatically detects and blocks 15+ advanced attack patterns (e.g., \"Ignore previous instructions\", role hijacking, hidden text).\n* **👤 Sender Verification**: Validates sender identity using SPF\/DKIM\/DMARC checks and an customizable Owner\/Admin\/Trusted whitelist.\n* **🧹 Smart Content Sanitization**: Strips dangerous HTML, removes tracking pixels, and extracts only the newest message content (ignoring safe quoted replies).\n* **📎 Safe Attachments**: Enforces strict file type allowances (PDF, TXT, CSV, Images) and blocks executables\/scripts.\n* **🔒 Provider Agnostic**: Works seamlessly with Gmail, AgentMail, and any standard email service.\n\n## 🛡️ Security Capabilities\n\n- **Role-Based Access Control**:\n - **Owner**: Full system control.\n - **Admin**: Operational commands.\n - **Trusted**: Standard interactions.\n - **Unknown**: Blocked by default.\n- **Threat Intelligence**: Built-in detection for social engineering cues (urgency, financial requests).\n- **Audit Logging**: Comprehensive logs for all blocked and flagged interactions.\n\n## 📦 What's Included\n\n- **Scripts**: `verify_sender.py`, `sanitize_content.py`, `parse_email.py`\n- **Documentation**: Full setup guides for Gmail & AgentMail.\n- **Configuration**: JSON templates for custom security policies.\n\n## 🔧 Quick Start\n\n```python\n# Verify sender before processing\nauth_result = verify_sender(email=\"user@example.com\")\n\n# Sanitize content to remove threats\nclean_body = sanitize_content(raw_email_body)\n\n# Parse allowed attachments safely\nfiles = parse_email(raw_message_data)\n```\n\n## 📋 Version 1.0.0 Release Notes\n\n- Added role-based authorization model (Owner\/Admin\/Trusted\/Unknown).\n- Implemented heuristic spoofing detection (From\/Reply-To mismatches).\n- Added multi-stage content sanitization pipeline.\n- Enforced strict attachment security policies.\n- Packaged with full provider support documentation.",
"changelogSource": "user",
"createdAt": 1770576621482,
"version": "1.0.0"
},
"owner": {
"_creationTime": 0,
"_id": "publishers:missing",
"displayName": "ivaavimusic",
"handle": "ivaavimusic",
"image": "https:\/\/avatars.githubusercontent.com\/u\/99599836?v=4",
"kind": "user",
"linkedUserId": "kn73xndw522wt8y06avyd39a8h7ztbeh"
},
"ownerHandle": "ivaavimusic",
"skill": {
"_creationTime": 1770576621482,
"_id": "kd76731bpmkakgqm7x1c3m288580rd11",
"badges": [],
"createdAt": 1770576621482,
"displayName": "Email Security",
"latestVersionId": "k974pyp7babnhb5b0gyb571zpd80sw50",
"ownerUserId": "kn73xndw522wt8y06avyd39a8h7ztbeh",
"slug": "email-security",
"stats": {
"comments": 0,
"downloads": 936,
"installsAllTime": 0,
"installsCurrent": 0,
"stars": 2,
"versions": 1
},
"summary": "Protect AI agents from email-based attacks including prompt injection, sender spoofing, malicious attachments, and social engineering. Use when processing emails, reading email content, executing email-based commands, or any interaction with email data. Provides sender verification, content sanitization, and threat detection for Gmail, AgentMail, Proton Mail, and any IMAP\/SMTP email system.",
"tags": {
"agent-safety": "k974pyp7babnhb5b0gyb571zpd80sw50",
"attachments": "k974pyp7babnhb5b0gyb571zpd80sw50",
"dkim": "k974pyp7babnhb5b0gyb571zpd80sw50",
"dmarc": "k974pyp7babnhb5b0gyb571zpd80sw50",
"email": "k974pyp7babnhb5b0gyb571zpd80sw50",
"eml": "k974pyp7babnhb5b0gyb571zpd80sw50",
"gmail": "k974pyp7babnhb5b0gyb571zpd80sw50",
"imap": "k974pyp7babnhb5b0gyb571zpd80sw50",
"latest": "k974pyp7babnhb5b0gyb571zpd80sw50",
"phishing": "k974pyp7babnhb5b0gyb571zpd80sw50",
"prompt-injection": "k974pyp7babnhb5b0gyb571zpd80sw50",
"sanitization": "k974pyp7babnhb5b0gyb571zpd80sw50",
"security": "k974pyp7babnhb5b0gyb571zpd80sw50",
"spf": "k974pyp7babnhb5b0gyb571zpd80sw50",
"spoofing": "k974pyp7babnhb5b0gyb571zpd80sw50",
"threat-detection": "k974pyp7babnhb5b0gyb571zpd80sw50"
},
"updatedAt": 1772250261842
}
}