Low risk: risk score 20/100
Last scan: 1 day ago
welderjustin-imap-smtp-email
Read and send email via IMAP/SMTP
A legitimate IMAP/SMTP email skill with undocumented filesystem operations for attachment handling. No malicious behavior detected, but SKILL.md omits required filesystem READ/WRITE capabilities.
Skill name: welderjustin-imap-smtp-email
Analysis time: 58.4s
Engine: pi
OK to install
Add filesystem:READ and filesystem:WRITE to SKILL.md metadata under requires.resources for the attachment and file body features. The code implements proper path validation with ALLOWED_READ_DIRS and ALLOWED_WRITE_DIRS, so no functional risk exists.

Security findings: 3 items

Severity | Finding | Location

[Low] Missing filesystem:WRITE declaration (category: documentation deception)
    The SKILL.md metadata declares only env and bins, but imap.js downloads attachments to disk using ALLOWED_WRITE_DIRS. This filesystem write operation is not declared.
    Evidence: metadata.openclaw.requires.env: [IMAP_HOST, IMAP_USER, ...]
    → Add 'resources: { filesystem: WRITE }' to the requires section, or document attachment download as a filesystem operation.
    Location: SKILL.md:10

[Low] Missing filesystem:READ declaration (category: documentation deception)
    Both imap.js and smtp.js read files (attachments, body-file, subject-file) from ALLOWED_READ_DIRS, but this filesystem read capability is not declared in SKILL.md.
    Evidence: metadata.openclaw.requires
    → Add filesystem:READ to the declared resources if the file body/attachment features are to be used.
    Location: SKILL.md:10

[Low] Undeclared environment variables (category: privilege escalation)
    ALLOWED_READ_DIRS and ALLOWED_WRITE_DIRS are required environment variables for the skill to function, but they are not mentioned in the SKILL.md metadata.
    Evidence: process.env.ALLOWED_WRITE_DIRS
    → Document ALLOWED_READ_DIRS and ALLOWED_WRITE_DIRS as required environment variables in SKILL.md.
    Location: scripts/imap.js:30
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | NONE | READ | ✗ Exceeds declared permissions | scripts/smtp.js:8 dotenv config, scripts/imap.js:215 attachment download, script…
Filesystem | NONE | WRITE | ✗ Exceeds declared permissions | scripts/imap.js:260 fs.writeFileSync for attachments
Network access | NONE | READ | ✓ Consistent | IMAP connection via imap library - implied by email tool functionality
Network access | NONE | WRITE | ✓ Consistent | SMTP connection via nodemailer - implied by email tool functionality
Environment variables | IMAP_HOST, IMAP_USER, IMAP_PASS, SMTP_HOST, SMTP_USER, SMTP_PASS | IMAP_HOST, IMAP_USER, IMAP_PASS, SMTP_HOST, SMTP_USER, SMTP_PASS, ALLOWED_READ_DIRS, ALLOWED_WRITE_DIRS | ✓ Consistent | ALLOWED_READ_DIRS and ALLOWED_WRITE_DIRS not declared in metadata
Indicators: 4 items found

[Medium] External URL: https://myaccount.google.com/apppasswords
    Location: SKILL.md:66
[Info] Email address: [email protected]
    Location: SKILL.md:33
[Info] Email address: [email protected]
    Location: SKILL.md:43
[Info] Email address: [email protected]
    Location: scripts/imap.js:48

Directory structure

6 files · 33.8 KB · 1268 lines
JavaScript: 2 files · 822 lines; Markdown: 1 file · 211 lines; Shell: 1 file · 199 lines; JSON: 2 files · 36 lines
├─ scripts/
│ ├─ imap.js (JavaScript, 588 lines, 15.1 KB)
│ └─ smtp.js (JavaScript, 234 lines, 6.5 KB)
├─ _meta.json (JSON, 5 lines, 134 B)
├─ package.json (JSON, 31 lines, 764 B)
├─ setup.sh (Shell, 199 lines, 4.8 KB)
└─ SKILL.md (Markdown, 211 lines, 6.6 KB)

Dependency analysis: 5 packages

Package | Version | Source | Known vulnerabilities | Notes
imap | ^0.8.19 | npm | | Standard IMAP client library
imap-simple | ^5.1.0 | npm | | Promise-based IMAP wrapper
nodemailer | ^7.0.13 | npm | | Standard SMTP library
mailparser | ^3.9.3 | npm | | Email parsing library
dotenv | ^16.6.1 | npm | | Environment variable loader

Security highlights

✓ No base64 encoding, obfuscation, or anti-analysis techniques found
✓ No reverse shell, RCE, or arbitrary command execution
✓ No credential exfiltration or data theft
✓ Path traversal protection implemented via validateWritePath and validateReadPath
✓ ALLOWED_READ_DIRS and ALLOWED_WRITE_DIRS provide directory whitelisting
✓ Proper .env handling with 600 permissions in setup.sh
✓ All dependencies are legitimate email packages (imap, nodemailer, mailparser, dotenv)
✓ Symlink resolution in validateReadPath prevents path traversal attacks
✓ No curl|bash or remote script execution
✓ No access to ~/.ssh, ~/.aws, or other credential paths