Trust Assessment
apple-mail-search received a trust score of 84/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 0 medium, and 1 low severity. Key findings include Unpinned npm dependency for `apple-mail-search-cli`, Use of AppleScript for reading email body content.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Unpinned npm dependency for `apple-mail-search-cli`: The skill manifest specifies `apple-mail-search-cli` as a required npm package but does not pin it to a specific version. This allows for arbitrary code execution if a malicious version is published to npm, or if the package maintainer introduces malicious code in a future update. Users installing this skill would automatically receive the latest version, which could be compromised. Pin the `apple-mail-search-cli` dependency to a specific, known-good version (e.g., `"package": "apple-mail-search-cli@1.2.3"`) in the `install` section of the manifest to ensure deterministic and secure installations. | LLM | SKILL.md |
| LOW | Use of AppleScript for reading email body content: The skill description indicates that AppleScript is used to 'Read full email body'. While the skill claims to be 'read-only' and 'cannot compose/send', AppleScript is a powerful scripting language on macOS that can interact with applications in broad ways. Without inspecting the underlying `fruitmail` source code, there is a potential for the AppleScript to be misused or to have broader capabilities than strictly necessary for reading email bodies, even if currently constrained. Ensure the `fruitmail` CLI tool's AppleScript implementation is strictly scoped to only read the email body and does not have capabilities to perform other actions (e.g., sending emails, accessing other files). Consider providing the AppleScript source for review if possible to verify its limited scope. | LLM | SKILL.md:78 |
Full report: https://skillshield.io/report/16d324ed13789428