add-gmail
Warn
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill fetches and merges code from a remote Git repository 'https://github.com/qwibitai/nanoclaw-gmail.git' and executes the external NPM package '@gongrzhe/server-gmail-autoauth-mcp' via 'npx' to perform Gmail OAuth authorization.
- [EXTERNAL_DOWNLOADS]: It downloads source code from the vendor's GitHub repository and dependencies from the NPM registry, including the 'googleapis' library and the 'server-gmail-autoauth-mcp' utility.
- [COMMAND_EXECUTION]: The skill executes multiple shell commands for configuration, environment setup, container building, testing, and service management ('npm install', 'npx vitest', 'launchctl kickstart').
- [PROMPT_INJECTION]: The skill enables an automated Gmail channel that polls for new messages and processes them within the agent context. This introduces a vulnerability to indirect prompt injection, where an external attacker could send a malicious email to manipulate the agent's behavior. Evidence Chain:
  1. Ingestion points: 'src/channels/gmail.ts' (monitors Gmail inbox).
  2. Boundary markers: Absent in the code; instructions in 'CLAUDE.md' provide guidance but not robust delimiters.
  3. Capability inventory: The agent has access to Gmail tool sets (send, search, draft) and system shell commands.
  4. Sanitization: No evidence of validation or sanitization of email content before processing.