Security Audit
sundial-org/awesome-openclaw-skills:skills/apple-mail
github.com/sundial-org/awesome-openclaw-skills
Trust Assessment
sundial-org/awesome-openclaw-skills:skills/apple-mail received a trust score of 0/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 22 findings: 6 critical, 10 high, 6 medium, and 0 low severity. Key findings include Sensitive environment variable access: $HOME, SQL Injection in mail-delete.sh, AppleScript Injection via MAILBOX_PATH in mail-delete.sh.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Static Code Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on March 3, 2026 (commit 6d998e00). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (22)
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | SQL Injection in mail-delete.sh The `MSG_ID` variable, which is user-controlled input, is directly interpolated into an `sqlite3` command's SQL query without proper sanitization or parameterization. An attacker can inject malicious SQL to alter the query's intent, potentially leading to unauthorized data access, modification, or deletion beyond the intended message ID. Use `sqlite3`'s parameter binding feature (e.g., `sqlite3 "$DB_PATH" "SELECT ... WHERE m.ROWID = ?;" "$MSG_ID"`) or rigorously sanitize `MSG_ID` to ensure it is a valid integer before use. | Static | scripts/mail-delete.sh:30 | |
| CRITICAL | SQL Injection in mail-fast-search.sh The `QUERY` variable, which is user-controlled input, is directly interpolated into an `sqlite3` command's SQL `LIKE` clause without proper sanitization or parameterization. An attacker can inject malicious SQL to alter the query's intent, potentially leading to unauthorized data access or denial of service. Use `sqlite3`'s parameter binding feature (e.g., `sqlite3 "$TEMP_DB" "SELECT ... WHERE s.subject LIKE ?;" "%${QUERY}%"`) or rigorously sanitize `QUERY` to prevent SQL injection. | Static | scripts/mail-fast-search.sh:47 | |
| CRITICAL | SQL Injection in mail-mark-read.sh The `MSG_ID` variable, which is user-controlled input, is directly interpolated into an `sqlite3` command's SQL query without proper sanitization or parameterization. An attacker can inject malicious SQL to alter the query's intent, potentially leading to unauthorized data access, modification, or deletion beyond the intended message ID. Use `sqlite3`'s parameter binding feature (e.g., `sqlite3 "$DB_PATH" "SELECT ... WHERE m.ROWID = ?;" "$MSG_ID"`) or rigorously sanitize `MSG_ID` to ensure it is a valid integer before use. | Static | scripts/mail-mark-read.sh:30 | |
| CRITICAL | SQL Injection in mail-mark-unread.sh The `MSG_ID` variable, which is user-controlled input, is directly interpolated into an `sqlite3` command's SQL query without proper sanitization or parameterization. An attacker can inject malicious SQL to alter the query's intent, potentially leading to unauthorized data access, modification, or deletion beyond the intended message ID. Use `sqlite3`'s parameter binding feature (e.g., `sqlite3 "$DB_PATH" "SELECT ... WHERE m.ROWID = ?;" "$MSG_ID"`) or rigorously sanitize `MSG_ID` to ensure it is a valid integer before use. | Static | scripts/mail-mark-unread.sh:30 | |
| CRITICAL | SQL Injection in mail-read.sh The `MSG_ID` variable, which is user-controlled input, is directly interpolated into an `sqlite3` command's SQL query without proper sanitization or parameterization. An attacker can inject malicious SQL to alter the query's intent, potentially leading to unauthorized data access, modification, or deletion beyond the intended message ID. Use `sqlite3`'s parameter binding feature (e.g., `sqlite3 "$DB_PATH" "SELECT ... WHERE m.ROWID = ?;" "$MSG_ID"`) or rigorously sanitize `MSG_ID` to ensure it is a valid integer before use. | Static | scripts/mail-read.sh:30 | |
| CRITICAL | AppleScript Injection via TO, FROM_ACCOUNT, ATTACHMENT in mail-send.sh (No Escaping) The `TO`, `FROM_ACCOUNT`, and `ATTACHMENT` variables, which are user-controlled inputs, are directly interpolated into AppleScript strings within the `osascript` command without any escaping. An attacker can easily inject arbitrary AppleScript commands by including string delimiters (e.g., double quotes) or other control characters in these inputs, leading to severe unauthorized actions within Mail.app or other applications, including sending emails to unintended recipients, accessing sensitive files, or executing arbitrary code. Implement robust AppleScript escaping for `TO`, `FROM_ACCOUNT`, and `ATTACHMENT` before interpolating them into the `osascript` command. This typically involves replacing double quotes with `\"` and handling other special characters. For `ATTACHMENT`, ensure the path is validated and properly quoted for `POSIX file`. | Static | scripts/mail-send.sh:26 | |
| HIGH | AppleScript Injection via MAILBOX_PATH in mail-delete.sh The `MAILBOX_PATH` variable, derived from the database and then unquoted using `urllib.parse.unquote`, is directly interpolated into an AppleScript string within the `osascript` command. If `MAILBOX_PATH` contains AppleScript string delimiters (e.g., double quotes) or other control characters, an attacker could inject arbitrary AppleScript commands, potentially leading to unauthorized actions within Mail.app or other applications. Implement robust AppleScript escaping for `MAILBOX_PATH` before interpolating it into the `osascript` command. This typically involves replacing double quotes with `\"` and handling other special characters or using a safer method to pass data to AppleScript. | Static | scripts/mail-delete.sh:43 | |
| HIGH | AppleScript Injection via MAILBOX and ACCOUNT in mail-list.sh The `MAILBOX` and `ACCOUNT` variables, which are user-controlled inputs, are directly interpolated into AppleScript strings within the `osascript` command. If these variables contain AppleScript string delimiters (e.g., double quotes) or other control characters, an attacker could inject arbitrary AppleScript commands, potentially leading to unauthorized actions within Mail.app or other applications. Implement robust AppleScript escaping for `MAILBOX` and `ACCOUNT` before interpolating them into the `osascript` command. This typically involves replacing double quotes with `\"` and handling other special characters or using a safer method to pass data to AppleScript. | Static | scripts/mail-list.sh:13 | |
| HIGH | AppleScript Injection via ACCOUNT in mail-mailboxes.sh The `ACCOUNT` variable, which is user-controlled input, is directly interpolated into an AppleScript string within the `osascript` command. If `ACCOUNT` contains AppleScript string delimiters (e.g., double quotes) or other control characters, an attacker could inject arbitrary AppleScript commands, potentially leading to unauthorized actions within Mail.app or other applications. Implement robust AppleScript escaping for `ACCOUNT` before interpolating it into the `osascript` command. This typically involves replacing double quotes with `\"` and handling other special characters or using a safer method to pass data to AppleScript. | Static | scripts/mail-mailboxes.sh:9 | |
| HIGH | AppleScript Injection via MAILBOX_PATH in mail-mark-read.sh The `MAILBOX_PATH` variable, derived from the database and then unquoted using `urllib.parse.unquote`, is directly interpolated into an AppleScript string within the `osascript` command. If `MAILBOX_PATH` contains AppleScript string delimiters (e.g., double quotes) or other control characters, an attacker could inject arbitrary AppleScript commands, potentially leading to unauthorized actions within Mail.app or other applications. Implement robust AppleScript escaping for `MAILBOX_PATH` before interpolating it into the `osascript` command. This typically involves replacing double quotes with `\"` and handling other special characters or using a safer method to pass data to AppleScript. | Static | scripts/mail-mark-read.sh:43 | |
| HIGH | AppleScript Injection via MAILBOX_PATH in mail-mark-unread.sh The `MAILBOX_PATH` variable, derived from the database and then unquoted using `urllib.parse.unquote`, is directly interpolated into an AppleScript string within the `osascript` command. If `MAILBOX_PATH` contains AppleScript string delimiters (e.g., double quotes) or other control characters, an attacker could inject arbitrary AppleScript commands, potentially leading to unauthorized actions within Mail.app or other applications. Implement robust AppleScript escaping for `MAILBOX_PATH` before interpolating it into the `osascript` command. This typically involves replacing double quotes with `\"` and handling other special characters or using a safer method to pass data to AppleScript. | Static | scripts/mail-mark-unread.sh:43 | |
| HIGH | AppleScript Injection via MAILBOX_PATH in mail-read.sh The `MAILBOX_PATH` variable, derived from the database and then unquoted using `urllib.parse.unquote`, is directly interpolated into an AppleScript string within the `osascript` command. If `MAILBOX_PATH` contains AppleScript string delimiters (e.g., double quotes) or other control characters, an attacker could inject arbitrary AppleScript commands, potentially leading to unauthorized actions within Mail.app or other applications. Implement robust AppleScript escaping for `MAILBOX_PATH` before interpolating it into the `osascript` command. This typically involves replacing double quotes with `\"` and handling other special characters or using a safer method to pass data to AppleScript. | Static | scripts/mail-read.sh:43 | |
| HIGH | AppleScript Injection via ACCOUNT in mail-refresh.sh The `ACCOUNT` variable, which is user-controlled input, is directly interpolated into AppleScript strings within the `osascript` command. If `ACCOUNT` contains AppleScript string delimiters (e.g., double quotes) or other control characters, an attacker could inject arbitrary AppleScript commands, potentially leading to unauthorized actions within Mail.app or other applications. Implement robust AppleScript escaping for `ACCOUNT` before interpolating it into the `osascript` command. This typically involves replacing double quotes with `\"` and handling other special characters or using a safer method to pass data to AppleScript. | Static | scripts/mail-refresh.sh:57 | |
| HIGH | AppleScript Injection via REPLY_BODY in mail-reply.sh (Insufficient Escaping) The `REPLY_BODY` variable, which is user-controlled input, is escaped only for double quotes using `sed 's/"/\\"/g'` before being interpolated into an AppleScript string. This escaping is insufficient as other characters (e.g., backslashes, newlines, or other AppleScript string delimiters) could still allow an attacker to inject arbitrary AppleScript commands, leading to unauthorized actions within Mail.app. Implement a more comprehensive AppleScript escaping function that handles all potentially problematic characters, including backslashes, newlines, and other AppleScript string delimiters. Alternatively, consider passing the reply body via a temporary file or a safer IPC mechanism if available. | Static | scripts/mail-reply.sh:34 | |
| HIGH | AppleScript Injection via QUERY and MAILBOX in mail-search.sh The `QUERY` and `MAILBOX` variables, which are user-controlled inputs, are directly interpolated into AppleScript strings within the `osascript` command. If these variables contain AppleScript string delimiters (e.g., double quotes) or other control characters, an attacker could inject arbitrary AppleScript commands, potentially leading to unauthorized actions within Mail.app or other applications. Implement robust AppleScript escaping for `QUERY` and `MAILBOX` before interpolating them into the `osascript` command. This typically involves replacing double quotes with `\"` and handling other special characters or using a safer method to pass data to AppleScript. | Static | scripts/mail-search.sh:16 | |
| HIGH | AppleScript Injection via SUBJECT and BODY in mail-send.sh (Insufficient Escaping) The `SUBJECT` and `BODY` variables, which are user-controlled inputs, are escaped only for double quotes using `sed 's/"/\\"/g'` before being interpolated into an AppleScript string. This escaping is insufficient as other characters (e.g., backslashes, newlines, or other AppleScript string delimiters) could still allow an attacker to inject arbitrary AppleScript commands, leading to unauthorized actions within Mail.app. Implement a more comprehensive AppleScript escaping function that handles all potentially problematic characters, including backslashes, newlines, and other AppleScript string delimiters. Alternatively, consider passing these contents via a temporary file or a safer IPC mechanism if available. | Static | scripts/mail-send.sh:24 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/apple-mail/scripts/mail-delete.sh:14 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/apple-mail/scripts/mail-fast-search.sh:15 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/apple-mail/scripts/mail-mark-read.sh:14 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/apple-mail/scripts/mail-mark-unread.sh:14 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/apple-mail/scripts/mail-read.sh:14 | |
| MEDIUM | Sensitive environment variable access: $HOME Access to sensitive environment variable '$HOME' detected in shell context. Verify this environment variable access is necessary and the value is not exfiltrated. | Static | skills/apple-mail/scripts/mail-refresh.sh:37 | |