技能详情(站内镜像,无评论)
许可证:MIT-0
MIT-0 ·免费使用、修改和重新分发。无需归因。
版本:v1.0.0
统计:⭐ 0 · 38 · 0 current installs · 0 all-time installs
⭐ 0
安装量(当前) 0
🛡 VirusTotal :可疑 · OpenClaw :可疑
Package:chongjie-ran/wecom-email
安全扫描(ClawHub)
- VirusTotal :可疑
- OpenClaw :可疑
OpenClaw 评估
The skill's stated purpose (send corporate WeCom email) matches the instructions, but the SKILL.md instructs access to local credential files (including a personal credentials path) while the skill metadata declares no required credentials or config paths — this mismatch and the ability to read/decode local files and send messages is concerning.
目的
Name/description say 'send corporate WeCom email' and the instructions show SMTP code to do exactly that, so the capability matches the purpose. However, the skill metadata declares no required credentials or config paths while the runtime instructions explicitly reference credential files (e.g., ~/.openclaw/workspace/memory/sc-email-credentials.enc and email-credentials.enc). The absence of declared credentials/config paths in metadata is an …
说明范围
The SKILL.md tells the agent to read local files (meeting notes and specific encrypted credential files) and to decode credentials (base64 -d example). That means the skill will read and transmit local content and secrets to an external SMTP server. It also references a separate 'personal email' credentials file path, which is outside the explicit '専用邮箱' concept and could enable access to unrelated credentials. While reading meeting notes is reasonable for sending them, instructions do not constrain which files are allowed and rely on agent discretion — this grants broad scope to access local files and secrets.
安装机制
This is an instruction-only skill with no install spec and no code files — lowest install risk. There is no download or package installation described.
证书
No environment variables or primary credential are declared in the metadata, yet the instructions require an SMTP account and reference multiple credential file paths and decoding steps. Requesting access to credential files (including a personal credentials path) without declaring them is disproportionate and opaque; the skill should explicitly declare which credential/config path it needs and why.
持久
The skill does not request always: true, does not modify other skills, and is user-invocable only by default. It does instruct reading/writing within the agent workspace (~/.openclaw/workspace) but stays within its own workspace paths rather than system-wide configuration. Still, the ability to read credentials in that workspace is sensitive and should be declared.
安装(复制给龙虾 AI)
将下方整段复制到龙虾中文库对话中,由龙虾按 SKILL.md 完成安装。
请把本段交给龙虾中文库(龙虾 AI)执行:为本机安装 OpenClaw 技能「WeCom邮箱」。简介:企业微信邮箱操作 - 使用专用邮箱发送邮件。 支持读取会议纪要、业务文档等作为邮件内容发送。。
请 fetch 以下地址读取 SKILL.md 并按文档完成安装:https://raw.githubusercontent.com/openclaw/skills/refs/heads/main/skills/chongjie-ran/wecom-email/SKILL.md
(来源:yingzhi8.cn 技能库)SKILL.md
---
name: wecom-email
version: 1.0.0
description: >
企业微信邮箱操作 - 使用专用邮箱发送邮件。
支持读取会议纪要、业务文档等作为邮件内容发送。
author: SC
keywords: [email, mail, smtp, wecom, notification]
metadata:
openclaw:
emoji: "📧"
category: productivity
---
# 📧 WeCom Email - 企业微信邮箱
使用专用邮箱发送工作邮件。
## 快速开始
### 1. 配置 SMTP
| 配置项 | 值 |
|--------|-----|
| SMTP服务器 | smtp.exmail.qq.com |
| SMTP端口 | 465 (SSL) |
| 邮箱账号 | YOUR_EMAIL@YOUR_DOMAIN.COM |
| 凭证文件 | ~/.openclaw/workspace/memory/sc-email-credentials.enc |
### 2. 发送邮件
```python
import smtplib
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart
SMTP_SERVER = "smtp.exmail.qq.com"
SMTP_USER = "YOUR_EMAIL@YOUR_DOMAIN.COM"
SMTP_PASSWORD = "YOUR_PASSWORD"
msg = MIMEMultipart()
msg['From'] = SMTP_USER
msg['To'] = "recipient@example.com"
msg['Subject'] = "邮件主题"
msg.attach(MIMEText("邮件内容", 'plain', 'utf-8'))
server = smtplib.SMTP_SSL('smtp.exmail.qq.com', 465)
server.login(SMTP_USER, SMTP_PASSWORD)
server.sendmail(SMTP_USER, ["recipient@example.com"], msg.as_string())
server.quit()
```
## 安全规则
### 发送条件
- ✅ 需要用户明确指令才能发送
- ✅ 只能发送工作相关内容
- ✅ 使用专用邮箱账号
### 禁止发送
- ❌ 密码、token、密钥等鉴权信息
- ❌ 个人隐私信息
- ❌ 非工作相关内容
### 账号权限
- 专用邮箱: 仅授权用户可用
- SC代发邮箱: 需用户明确授权
## 使用示例
### 发送会议纪要
```python
# 读取会议纪要文件
with open("meeting-minutes.md", 'r') as f:
content = f.read()
# 发送邮件
send_email(
to=["colleague@example.com"],
subject="会议纪要 - 日期",
body=content
)
```
### 命令行发送
```bash
# 直接使用Python脚本发送
python3 scripts/send-email.py --to "xxx@example.com" --subject "主题" --body "内容"
```
## 凭证管理
- 凭证位置: ~/.openclaw/workspace/memory/sc-email-credentials.enc
- 编码方式: Base64 或 AES 加密
- 解码命令示例: `base64 -d ~/.openclaw/workspace/memory/sc-email-credentials.enc`
## 相关文件
- 邮箱列表: ~/.openclaw/workspace/memory/enmo-emails.enc
- 个人邮箱: ~/.openclaw/workspace/memory/email-credentials.enc (仅授权账号可用)
---
## 触发词
当用户提到以下内容时激活此Skill:
- "发送邮件"
- "发邮件"
- "邮件通知"
- "发送会议纪要"
- "用邮箱通知"