Trusted — Risk Score 10/100
Last scan: 1 day ago
osascript-email
Send emails on macOS via AppleScript (osascript) using Mail.app — no SMTP credentials, passwords, or API keys required.
A legitimate macOS email automation skill using osascript/Mail.app; no malicious behavior, credential access, or hidden functionality detected.
Skill Name: osascript-email
Duration: 40.8s
Engine: pi
Safe to install
No action needed. This skill is safe to use for its documented purpose of sending emails via macOS Mail.app.

Findings: 1 item

Severity: Low
Finding: Shell execution capability implied but not explicitly declared (Doc Mismatch)
Location: SKILL.md:15
Details: SKILL.md uses Bash/heredoc code blocks showing osascript execution, which implicitly declares shell:WRITE capability, but does not explicitly list it in a capabilities section. This is a minor documentation clarity issue.
Evidence: osascript << 'APPLESCRIPT'
Recommendation: Add a 'Capabilities' or 'Required Permissions' section to SKILL.md explicitly listing shell:WRITE for osascript execution.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | | No file read/write operations in send_email.py; file attachment feature only use… |
| Network | NONE | NONE | | No direct network calls; Mail.app handles all network/SMTP communication |
| Shell | NONE | WRITE | ✓ Aligned | scripts/send_email.py:44 uses subprocess.run to execute osascript; SKILL.md show… |
| Environment | NONE | NONE | | No access to os.environ in any file |
| Skill Invoke | NONE | NONE | | No nested skill invocations |
| Clipboard | NONE | NONE | | No clipboard access |
| Browser | NONE | NONE | | No browser access |
| Database | NONE | NONE | | No database access |
1 finding
Info: Email (email address)
[email protected]
SKILL.md:55

File Tree

3 files · 7.0 KB · 202 lines
Markdown 2f · 136L Python 1f · 66L
├─ 📁 references
│ └─ 📝 attachments.md Markdown 46L · 1.6 KB
├─ 📁 scripts
│ └─ 🐍 send_email.py Python 66L · 1.9 KB
└─ 📝 SKILL.md Markdown 90L · 3.6 KB

Dependencies: 1 item

| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
| subprocess | stdlib | Python standard library | No | No external dependencies; only stdlib subprocess is used |

Security Positives

✓ No credential harvesting or environment variable access
✓ No data exfiltration beyond the user-provided email content
✓ No obfuscation (no base64, no eval, no encoded strings)
✓ No remote code download or curl|bash patterns
✓ No sensitive file access (~/.ssh, ~/.aws, .env, etc.)
✓ No hidden functionality — all behavior is documented in SKILL.md
✓ Mail.app authentication is handled entirely by the OS, not by the script
✓ No supply chain risks — no external dependencies (only Python stdlib subprocess)
✓ Sender address is constrained to Mail.app-configured accounts — cannot spoof arbitrary addresses
✓ attachments.md is purely reference documentation with no executable code