email-mentions
Monitor Gmail inbox with security scanning. Tracks emails by trust level, scans for prompt injection, and quarantines suspicious content. Only authorized senders can issue commands.
Why use this skill?
Securely monitor your Gmail with OpenClaw email-mentions. Features advanced prompt injection defense, trust-based sender filtering, and automated quarantining of suspicious emails.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/gigi-trifle/email-mentionsWhat This Skill Does
The email-mentions skill for OpenClaw is a robust security-focused gateway designed to bridge your Gmail inbox with autonomous agent workflows. Unlike standard mail clients, this skill treats every incoming message as a potential attack vector. It implements a rigorous trust-based filtering system that categorizes emails into three tiers: authorized, external, and suspicious. By leveraging a local security layer, it scans for advanced prompt injection techniques, including hidden zero-width characters, fake system outputs like [SYSTEM] tags, and malicious Base64 payloads.
When a message is received, the skill performs a real-time security audit. If a message is deemed safe but comes from an unknown source, it is marked as external for manual review. If malicious patterns are detected, the system immediately quarantines the content to prevent unauthorized agent execution. This ensures that your agent only acts upon instructions that have passed verification, providing a safe environment for automated command processing.
Installation
To install this skill, use the ClawHub interface: clawhub install openclaw/skills/skills/gigi-trifle/email-mentions. Once installed, locate your configuration file at ~/.openclaw/workspace/skills/email-mentions/config.json. Update the account field to your Gmail address and populate the authorizedSenders array with the email addresses of individuals or services you trust. Finally, set up the suggested cron job in your OpenClaw gateway to ensure the agent periodically scans your inbox every two minutes.
Use Cases
- Secure Task Delegation: Allow trusted team members to trigger agent workflows directly via email.
- Automated Alert Filtering: Automatically monitor high-priority emails while quarantining suspicious phishing attempts or malicious instructions.
- Agentic Workflow Integration: Trigger complex automation tasks based on specific, verified email content without exposing the agent to untrusted input.
Example Prompts
- "Check for new emails and summarize any authorized messages sent within the last hour."
- "List all quarantined emails and show me the injection scan results for the most recent one."
- "Add [email protected] to my authorized senders list and update the email-mentions configuration."
Tips & Limitations
- Manual Oversight: While the system is highly secure, always periodically review the 'quarantined' and 'pending' lists to ensure no legitimate mail was flagged incorrectly.
- Whitelisting: Be conservative with the
authorizedSenderslist; only grant access to users who strictly follow your interaction guidelines. - Scope: The skill is designed specifically for Gmail; ensure your API credentials have the correct scopes enabled for read access.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-gigi-trifle-email-mentions": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: file-read, file-write, external-api, code-execution
Related Skills
good-morning
Play the Good Morning (GM) game - post creative two-word greetings where the first word starts with G and the second with M. Each unique phrase earns points. Use when participating in GM games on Discord or Farcaster.
snake-game
Persistent autoplay daemon for the Trifle Snake game with modular strategy system
got-it
Schelling point coordination game where players converge on a shared word. Use when someone initiates the "got it" game, when managing active game state in Discord/Telegram channels, or when responding to "got it" messages during gameplay.
good-morning
Play the Good Morning (GM) game - post creative two-word greetings where the first word starts with G and the second with M. Each unique phrase earns points. Use when participating in GM games on Discord or Farcaster.
got-it
Schelling point coordination game where players converge on a shared word. Use when someone initiates the "got it" game, when managing active game state in Discord/Telegram channels, or when responding to "got it" messages during gameplay.