Low risk: risk score 20/100
Last scan: 2 days ago
gmail-checker
Check Gmail for unread inbox emails, filtered by priority
Gmail checker skill with legitimate OAuth 2.0 implementation but undeclared filesystem WRITE and network access in SKILL.md.
Skill name: gmail-checker
Analysis time: 32.4s
Engine: pi
Verdict: safe to install
Add allowed-tools mapping to SKILL.md declaring filesystem:READ/WRITE (for credential paths) and network:READ (for Gmail API). Declare subprocess usage for python3 execution.

Security findings (4)

Severity | Finding | Location

[Low] Missing allowed-tools mapping (SKILL.md:1)
SKILL.md does not declare an allowed-tools mapping despite using filesystem writes and network access.
Evidence: No allowed-tools declaration present
→ Add allowed-tools mapping: Read→filesystem:READ, Write→filesystem:WRITE, WebFetch→network:READ

[Low] Undeclared filesystem WRITE access (scripts/setup_gmail.py:47)
setup_gmail.py creates the ~/.openclaw/credentials/ directory and writes gmail.json. This is necessary for credential storage but is not declared.
Evidence: os.makedirs(CREDS_DIR, exist_ok=True)
→ Document filesystem WRITE access in SKILL.md for the credential storage paths

[Info] Proper credential file permissions (scripts/setup_gmail.py:48)
setup_gmail.py sets restrictive file permissions (0o600) on stored credentials.
Evidence: os.chmod(CREDS_PATH, 0o600)
→ No action needed; this is good security practice

[Info] Standard OAuth 2.0 implementation (scripts/setup_gmail.py:60)
Uses google-auth-oauthlib with a proper InstalledAppFlow and refresh tokens, with no secret-storage issues.
Evidence: flow = InstalledAppFlow.from_client_config(client_config, SCOPES)
→ No action needed; this is the correct approach
Resource type | Declared permission | Inferred permission | Status | Evidence
Filesystem | NONE | WRITE | ✗ Exceeds declaration | scripts/setup_gmail.py:47 - os.makedirs(CREDS_DIR, exist_ok=True)
Network access | NONE | READ | ✗ Exceeds declaration | scripts/check_gmail.py:55-60 - Gmail API calls to googleapis.com
Command execution | NONE | NONE | | SKILL.md references pip install and python3 execution
Indicators found (4)

Severity | Type | Value | Location
Medium | External URL | https://console.cloud.google.com/ | references/setup.md:21
Medium | External URL | https://accounts.google.com/o/oauth2/auth | scripts/setup_gmail.py:60
Info | Email address | [email protected] | SKILL.md:65
Info | Email address | [email protected] | SKILL.md:69

Directory structure

5 files · 14.4 KB · 480 lines
Python: 2 files · 295 lines | Markdown: 2 files · 165 lines | JSON: 1 file · 20 lines
├─ 📁 references
│ └─ 📝 setup.md Markdown 77L · 3.0 KB
├─ 📁 scripts
│ ├─ 🐍 check_gmail.py Python 191L · 5.7 KB
│ └─ 🐍 setup_gmail.py Python 104L · 3.0 KB
├─ 📋 config.example.json JSON 20L · 343 B
└─ 📝 SKILL.md Markdown 88L · 2.4 KB

Dependency analysis (2)

Package | Version | Source | Known vulnerabilities | Notes
google-api-python-client | not pinned | pip | none listed | Version not pinned in documentation
google-auth-oauthlib | not pinned | pip | none listed | Version not pinned in documentation

Security highlights

✓ No base64, eval(), or obfuscated code patterns
✓ No credential exfiltration: credentials stay local in ~/.openclaw/credentials/
✓ No sensitive path access (no ~/.ssh, ~/.aws, .env enumeration)
✓ No reverse shell, C2, or data theft indicators
✓ Proper file permissions (0o600) on credential files
✓ Standard OAuth 2.0 flow with Google APIs
✓ Uses well-known, trusted Google API client libraries
✓ Input validation on OAuth client credentials
✓ Clear, accurate documentation of functionality