A skill to send emails via Aliyun enterprise email service with support for markdown, HTML text, attachments, and syntax highlighting for code blocks.
Security Analysis
medium confidence
The skill’s code implements an SMTP mail sender that matches the stated purpose, but the provided runtime instructions, filenames, and CLI examples do not fully match the shipped code and there are a few practices (root-centric config path, arbitrary file attachments) that could be misused — review before installing.
The code (email_sender.py) implements an SMTP client that sends plain, HTML, or Markdown emails with attachments and syntax highlighting, which aligns with the skill description (Aliyun enterprise SMTP). The need for a local JSON config file containing SMTP credentials is reasonable for an SMTP tool.
SKILL.md and README contain inconsistent instructions and filenames vs. the code: SKILL.md suggests a config named aliyun-mail-config.json in /root/.openclaw/, README uses smtp-config.json, and email_sender.py defaults to ~/.openclaw/smtp-config.json. SKILL.md examples call a CLI 'aliyun-mail send' with flags (--markdown, --html) that do not exist in the shipped Python CLI (email_sender.py uses --type with values 'plain'|'markdown'|'html' and no 'send' subcommand). The tool permits attaching arbitrary filesystem paths and reading body files; while expected for an email sender, this capability can be abused to exfiltrate files if a malicious actor or misconfigured agent supplies system file paths.
No install spec; this is instruction+code only. No remote downloads or archive extraction are performed by the skill package itself, which reduces install-time risk.
The skill requests no environment variables, instead storing SMTP credentials in a local JSON config file. That is proportionate for SMTP usage, but the documentation's insistence on a /root/.openclaw path is root-centric and may not match the code's ~ expansion if run under a non-root account. The config file will contain sensitive SMTP username/password — that is expected but worth protecting. No other unrelated credentials are requested.
The skill is not marked always:true and does not request persistent system-level privileges or modify other skills. Agent autonomous invocation is enabled by default (disable-model-invocation:false) but this is normal for skills. There is no evidence it modifies other agent settings.
Guidance
This package appears to implement exactly what it claims (an SMTP email sender) but the documentation and CLI examples are inconsistent with the shipped script — double-check before use. Before installing or running:
1) inspect email_sender.py yourself (it is included) to confirm behavior;
2) store SMTP credentials in a secure location and prefer an app-specific password;
3) don't place credentials in world-readable locations and avoid running as root (the docs reference /root but the script uses the current user's home);
4) be cautious when supplying attachments or body-file paths — the tool will read and send any file you point it at, which could leak sensitive files if misused;
5) confirm the expected SMTP endpoint (smtp.mxhichina.com) and the package’s provenance (the repo/homepage referenced in package.json exists but the skill listing shows 'Source: unknown').
If you need the skill, update the docs to match the code (config filename/path and CLI flags) or request an author update; if provenance is unclear, prefer a vetted alternative.
Latest Release
v1.0.0
Initial release of Aliyun Mail skill for advanced email sending via Aliyun’s enterprise service.
- Send emails as plain text, HTML, or Markdown (with automatic syntax highlighting for code blocks).
- Attach one or more files to outgoing emails.
- Reliably integrates with Aliyun’s SMTP using secure config files and app-specific passwords.
- Includes robust error handling with retry logic and detailed error messages.
- Simple command-line interface supports all main options: body types, body from file, and attachments.
Published by @jixsonwang on ClawHub