Low Risk — Risk Score 25/100
imap-idle-watcher
Real-time email monitoring using IMAP IDLE with systemd service integration and user-defined command triggers
A legitimate IMAP IDLE email watcher that requires explicit user configuration; shell command execution is not explicitly declared in SKILL.md and credentials are stored in plaintext, but no malicious behavior or hidden exfiltration is present.
Skill Name: imap-idle-watcher
Duration: 62.3s
Engine: pi
Safe to install
Declare shell:WRITE in SKILL.md capabilities. Consider encrypting stored credentials or using a secrets manager instead of plaintext env files at /etc/. Review subprocess.run(shell=True) usage — prefer shell=False with argument lists where possible.

Findings 5 items

Severity Finding Location
Medium
Shell execution capability not declared (Doc Mismatch)
SKILL.md documents the --command parameter and describes the workflow where agents write and wire up handler scripts. This requires shell:WRITE, yet the capabilities section only implicitly covers filesystem and network. The shell permission is the most dangerous capability in this skill.
# IMAP IDLE Watcher (no shell:WRITE declared)
→ Add shell:WRITE to the declared capabilities in SKILL.md with a clear note that it is used exclusively for ON_NEW_MAIL_CMD.
SKILL.md:1
Low
Plaintext app password storage in /etc/ (Credential Theft)
install_service() writes IMAP_ACCOUNT and IMAP_PASSWORD in plaintext to /etc/{service}.env with mode 0600. While mode 600 restricts read access, the credentials remain unencrypted on disk. A root compromise exposes all stored passwords.
cat > "$env_file" <<EOF
IMAP_ACCOUNT=$ACCOUNT
IMAP_PASSWORD=$PASSWORD
EOF
→ Use a secrets manager (systemd Credential, keychain, or encrypted vault) instead of plaintext env files. Document the risk in SKILL.md.
scripts/setup_service.sh:185
Low
subprocess.run with shell=True for user-supplied commands (RCE)
The daemon executes ON_NEW_MAIL_CMD via subprocess.run(shell=True). While this is user-supplied, shell=True enables command injection if the handler script or env vars contain unescaped special characters. The risk is bounded by user intent but the pattern is dangerous.
subprocess.run(ON_NEW_MAIL_CMD, shell=True, capture_output=True, text=True, timeout=300, env=env)
→ Use shell=False with a list of arguments where possible. If shell features are needed, validate/sanitize the command string before passing to subprocess.
scripts/imap_idle_daemon.py:161
Low
Fake --preflight-only flag silently ignored (Doc Mismatch)
setup_service.sh passes --preflight-only to the daemon, but the daemon never uses argparse or any argument parsing — it relies entirely on environment variables. The flag is silently ignored and no error is raised.
# daemon uses os.environ only, no sys.argv parsing
→ Implement proper argument parsing (argparse) or remove the --preflight-only flag from the shell script.
scripts/imap_idle_daemon.py:1
Info
Inline Python test embeds credentials via string interpolation (RCE)
In test_connection(), a Python one-liner is generated with string interpolation of $HOST, $PORT, $ACCOUNT, and $PASSWORD directly into Python source code, then executed via python3 -c. This is a minor code quality issue with no additional risk beyond the credentials already being in scope.
python3 -c "import imaplib, ssl, sys; m = imaplib.IMAP4_SSL('$HOST', $PORT, ssl_context=ctx); m.login('$ACCOUNT', '$PASSWORD')..."
→ Extract the inline Python into a separate function within the daemon or use a temporary script file instead of string interpolation.
scripts/setup_service.sh:148
Resource | Declared | Inferred | Status | Evidence
Filesystem | WRITE | WRITE | ✓ Aligned | SKILL.md (implicit) / setup_service.sh writes /etc/{service}.env and systemd uni…
Network | READ | READ | ✓ Aligned | IMAP4_SSL connections to IMAP servers (imap.gmail.com etc.)
Shell | NONE | WRITE | ✗ Violation | imap_idle_daemon.py:161 subprocess.run(ON_NEW_MAIL_CMD, shell=True) — not declar…
Environment | NONE | READ | ✓ Aligned | Daemon reads IMAP_ACCOUNT, IMAP_PASSWORD, ON_NEW_MAIL_CMD, FILTER_* from os.envi…
8 findings
Medium · External URL · https://myaccount.google.com/apppasswords · references/gmail.md:8
Medium · External URL · https://myaccount.google.com/signinoptions/two-step-verification · references/gmail.md:15
Medium · External URL · https://account.live.com/proofs/AppPassword · references/outlook.md:5
Medium · External URL · https://account.live.com/proofs/manage/additional · references/outlook.md:10
Medium · External URL · https://login.yahoo.com/account/security/app-passwords · references/yahoo.md:5
Medium · External URL · https://my-webhook.com/notify · scripts/setup_service.sh:148
Info · Email address · [email protected] · SKILL.md:31
Info · Email address · [email protected] · references/troubleshooting.md:35

File Tree

7 files · 30.1 KB · 932 lines
Shell: 1 file, 347 lines · Python: 1 file, 327 lines · Markdown: 5 files, 258 lines
├─ 📁 references
│ ├─ 📝 gmail.md Markdown 27L · 792 B
│ ├─ 📝 outlook.md Markdown 20L · 524 B
│ ├─ 📝 troubleshooting.md Markdown 56L · 1.7 KB
│ └─ 📝 yahoo.md Markdown 17L · 457 B
├─ 📁 scripts
│ ├─ 🐍 imap_idle_daemon.py Python 327L · 10.1 KB
│ └─ 🔧 setup_service.sh Shell 347L · 12.0 KB
└─ 📝 SKILL.md Markdown 138L · 4.6 KB

Dependencies 4 items

Package | Version | Source | Known Vulns | Notes
imaplib | stdlib | Python standard library | No | No third-party dependencies
email | stdlib | Python standard library | No | No third-party dependencies
ssl | stdlib | Python standard library | No | No third-party dependencies
subprocess | stdlib | Python standard library | No | Used for ON_NEW_MAIL_CMD execution

Security Positives

✓ No network exfiltration or C2 communication detected
✓ No credential harvesting or theft — passwords used only for IMAP authentication
✓ No obfuscation, base64-encoded payloads, or anti-analysis techniques
✓ No suspicious filesystem access (no ~/.ssh, ~/.aws, .env scanning)
✓ No supply chain risks — only standard library Python imports used
✓ App passwords (not OAuth tokens) are scoped to Mail only, limiting blast radius
✓ SSL/TLS enforced for all IMAP connections via ssl.create_default_context()
✓ Debounce mechanism prevents command flooding
✓ IDLE capability is verified before daemon starts (preflight check)
✓ Systemd service uses Restart=always with exponential backoff reconnect