skills/qwibitai/nanoclaw/add-gmail/Gen Agent Trust Hub

add-gmail

Fail

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, COMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill executes @gongrzhe/server-gmail-autoauth-mcp using npx -y, which downloads and runs unverified code published by a third-party npm registry user at runtime, without user confirmation.
  • [EXTERNAL_DOWNLOADS]: The implementation fetches and merges code from a remote Git repository (https://github.com/qwibitai/nanoclaw-gmail.git). This pattern introduces external dependencies that are updated independently of the core skill definition.
  • [CREDENTIALS_UNSAFE]: Setup involves requesting Google Cloud OAuth keys and storing both the keys (gcp-oauth.keys.json) and the generated access tokens (credentials.json) in the user's home directory (~/.gmail-mcp/). Access to these files provides full control over the user's Gmail account.
  • [COMMAND_EXECUTION]: The skill performs various shell operations including service restarts via launchctl and systemctl, and executes recursive deletions of session data (rm -r data/sessions/*/agent-runner-src).
  • [DATA_EXFILTRATION]: By monitoring the Gmail inbox, the skill exposes sensitive user data to the AI agent.
      • Ingestion points: Gmail inbox via polling (src/channels/gmail.ts).
      • Boundary markers: Prefix instructions added to groups/main/CLAUDE.md.
      • Capability inventory: Gmail tools for search, read, and send.
      • Sanitization: No content validation or escaping is implemented.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 8, 2026, 08:44 PM