中文 EN

Scan Report

Scan New Files

This report was generated in Chinese. Some content may be in Chinese.
Trusted — Risk Score 0/100
Last scan:5 hr ago Rescan
0 /100
agentmail
API-first email platform designed for AI agents. Create and manage dedicated email inboxes, send and receive emails programmatically, and handle email-based workflows with webhooks and real-time events.
AgentMail 是一个完全合规的电子邮件 API 工具,所有脚本仅通过官方 SDK 与 agentmail.to 服务通信,无越权操作。
Skill Nameagentmail
Duration26.4s
Enginepi
ClawHub Agentmail Temp v1.0.0 by liguang00806
📥 171 📦 1
ClawHub Verdict Suspicious llm_suspiciousprompt_injection_instructions
Safe to install
可安全使用。代码质量高,文档完整,安全意识良好。Webhook 部分已明确警告提示注入风险并提供防御方案。
ResourceDeclaredInferredStatusEvidence
Network READ READ ✓ Aligned 所有脚本通过官方 SDK 与 api.agentmail.to 通信
Environment READ READ ✓ Aligned 仅读取 AGENTMAIL_API_KEY 用于 SDK 认证
25 findings
🔗
Medium External URL 外部 URL
https://console.agentmail.to
SKILL.md:20
🔗
Medium External URL 外部 URL
https://your-domain.com/webhook
SKILL.md:75
🔗
Medium External URL 外部 URL
https://api.agentmail.to/v0
references/API.md:3
🔗
Medium External URL 外部 URL
https://your-app.com/webhook/support
references/EXAMPLES.md:69
🔗
Medium External URL 外部 URL
https://your-app.com/webhook/tasks
references/EXAMPLES.md:225
🔗
Medium External URL 外部 URL
https://your-app.com/tasks/
references/EXAMPLES.md:306
🔗
Medium External URL 外部 URL
https://ngrok.com/
references/WEBHOOKS.md:87
🔗
Medium External URL 外部 URL
https://abc123.ngrok-free.app
references/WEBHOOKS.md:136
🔗
Medium External URL 外部 URL
https://abc123.ngrok-free.app/webhook
references/WEBHOOKS.md:151
🔗
Medium External URL 外部 URL
https://myapp.com/webhook
scripts/setup_webhook.py:7
📧
Info Email 邮箱地址
[email protected]
SKILL.md:36
📧
Info Email 邮箱地址
[email protected]
SKILL.md:84
📧
Info Email 邮箱地址
[email protected]
SKILL.md:89
📧
Info Email 邮箱地址
[email protected]
SKILL.md:102
📧
Info Email 邮箱地址
[email protected]
references/API.md:35
📧
Info Email 邮箱地址
[email protected]
references/API.md:159
📧
Info Email 邮箱地址
[email protected]
references/EXAMPLES.md:297
📧
Info Email 邮箱地址
[email protected]
references/EXAMPLES.md:404
📧
Info Email 邮箱地址
[email protected]
references/EXAMPLES.md:428
📧
Info Email 邮箱地址
[email protected]
references/EXAMPLES.md:428
📧
Info Email 邮箱地址
[email protected]
references/EXAMPLES.md:440
📧
Info Email 邮箱地址
[email protected]
references/EXAMPLES.md:497
📧
Info Email 邮箱地址
[email protected]
references/WEBHOOKS.md:18
📧
Info Email 邮箱地址
[email protected]
scripts/check_inbox.py:7
📧
Info Email 邮箱地址
[email protected]
scripts/send_email.py:6

File Tree

8 files · 49.0 KB · 1729 lines
Markdown 4f · 1219L Python 3f · 505L JSON 1f · 5L
├─ 📁 references
│ ├─ 📝 API.md Markdown 229L · 4.3 KB
│ ├─ 📝 EXAMPLES.md Markdown 508L · 13.8 KB
│ └─ 📝 WEBHOOKS.md Markdown 294L · 7.2 KB
├─ 📁 scripts
│ ├─ 🐍 check_inbox.py Python 213L · 7.6 KB
│ ├─ 🐍 send_email.py Python 113L · 3.9 KB
│ └─ 🐍 setup_webhook.py Python 179L · 6.0 KB
├─ 📋 _meta.json JSON 5L · 128 B
└─ 📝 SKILL.md Markdown 188L · 5.9 KB

Dependencies 3 items

PackageVersionSourceKnown VulnsNotes
agentmail * pip No 官方 SDK
python-dotenv * pip No 环境变量加载(可选)
flask * pip No 仅用于本地开发测试服务器

Security Positives

✓ 代码结构清晰,仅使用官方 agentmail SDK
✓ SKILL.md 文档完整,详细说明了所有功能
✓ 明确警告 Webhook 提示注入风险(prompt injection)并提供防御方案(allowlist)
✓ 包含 webhook 签名验证示例
✓ 提供 HTTPS endpoint 建议
✓ 脚本功能单一,无多余操作
✓ 无 shell 执行、无本地文件越权访问、无凭证收割