Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub ยท Developer Tools
AgentCloak - Email Proxy that filters PII, 2FA, and password resets
Secure email proxy for AI agents. Search, read, and draft emails via MCP with server-side credential isolation, PII redaction, prompt injection detection, an...
skill openclawclawhub Free
Secure email proxy for AI agents. Search, read, and draft emails via MCP with server-side credential isolation, PII redaction, prompt injection detection, an...
โฌ 0 downloads โ
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- SKILL.md
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.0.0
Provenance
- Publisher
- ryanfren
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
AgentCloak
Secure email proxy for AI agents. AgentCloak sits between your agent and your email, so the agent gets useful email access without seeing credentials, sensitive financial data, PII, or prompt injection attacks. Every other email skill on ClawHub gives your agent raw, unfiltered access to your inbox. AgentCloak is the only one with a built-in security pipeline.
What makes this different
Credential isolation โ your email password/OAuth tokens stay server-side; the agent only has an API key 4-stage content filter โ blocklist, HTML sanitizer, PII redaction, prompt injection detection Read + draft only โ agents can search, read, list, and draft emails but cannot send, delete, or modify anything Draft safety โ drafts are never sent automatically; you review them first Self-host or hosted โ run your own instance or use the hosted version
Option A: Hosted version (quickest)
Sign up at https://agentcloak.up.railway.app Connect your email (IMAP works with any provider, Gmail OAuth available by invite) Create an API key in the dashboard Configure: export AGENTCLOAK_API_KEY=ac_your_key_here mcporter config add agentcloak \ --baseUrl "https://agentcloak.up.railway.app/mcp" \ --header "Authorization: Bearer $AGENTCLOAK_API_KEY"
Option B: Self-hosted
Clone and run: git clone https://github.com/ryanfren/AgentCloak.git cd agentcloak pnpm install && pnpm build && pnpm dev Open http://localhost:3000, create an account, connect email, create API key Configure: export AGENTCLOAK_URL=http://localhost:3000 export AGENTCLOAK_API_KEY=ac_your_key_here mcporter config add agentcloak \ --baseUrl "${AGENTCLOAK_URL}/mcp" \ --header "Authorization: Bearer $AGENTCLOAK_API_KEY" Requirements for self-hosting: Node.js 20+, pnpm 10+
Available tools
ToolDescriptionKey parameterssearch_emailsSearch emails with Gmail-style queriesquery, max_results (1-200), page_tokenread_emailRead full email content by IDmessage_idlist_threadsList conversation threadsquery, max_results, page_tokenget_threadRead all messages in a threadthread_idcreate_draftCreate a draft (not sent)to, subject, body, in_reply_to_thread_idlist_draftsList existing draftsmax_resultslist_labelsList all labels with unread counts(none)get_provider_infoGet provider type and capabilities(none)
Usage examples
# Search for unread emails mcporter call agentcloak.search_emails query:"is:unread" max_results:10 # Read a specific email mcporter call agentcloak.read_email message_id:"abc123" # Get a full conversation thread mcporter call agentcloak.get_thread thread_id:"thread456" # Draft a reply (not sent until you review it) mcporter call agentcloak.create_draft subject:"Re: Meeting" body:"Sounds good, see you Thursday." in_reply_to_thread_id:"thread456" # List labels and unread counts mcporter call agentcloak.list_labels
Security pipeline
Every email passes through a 4-stage filter before the agent sees it. Each stage is independently configurable from the dashboard.
Stage 1: Blocklist
Blocks emails from sensitive senders outright. Three toggleable categories: Financial โ 40+ domains (Chase, PayPal, Venmo, Coinbase, etc.) Security senders โ patterns like security@, fraud@, alerts@, .gov addresses Security subjects โ password resets, 2FA codes, verification links, login alerts Plus custom blocklists: add your own domains, sender patterns, or subject patterns.
Stage 2: HTML sanitizer
Converts HTML email to plaintext and strips dangerous Unicode (zero-width characters, bidirectional overrides, tag characters, variation selectors) that could be used to hide prompt injection.
Stage 3: PII redaction
Redacts sensitive patterns with placeholders: SSNs, credit card numbers, bank account/routing numbers API keys (sk_, pk_, AWS keys), bearer tokens, PEM private keys Optionally: email addresses, large dollar amounts
Stage 4: Prompt injection detection
Scans for 19 known injection patterns (instruction overrides, role reassignments, system tag injections, data exfiltration attempts). Flags detected content with a [AGENTCLOAK WARNING] prefix so the agent knows the email may be adversarial. Does not block โ lets the agent make an informed decision.
Security and privacy
What data leaves your machine: ScenarioData flowSelf-hostedNothing leaves your machine. All processing is local.Hosted versionYour email credentials are stored server-side (encrypted). Email content passes through the hosted server's filter pipeline. No data is shared with third parties. API keys are hashed (SHA-256) before storage โ the server cannot recover your key after creation Email credentials are stored server-side; the agent never sees them All filtering happens server-side before content reaches the agent The agent can only read and draft โ it cannot send, delete, or modify emails Source code is open: https://github.com/ryanfren/AgentCloak Trust statement: By using the hosted version, you trust the AgentCloak server with access to your email account credentials and content. If this is not acceptable, self-host your own instance for full control.
Email providers
AgentCloak supports three connection methods: IMAP โ works with any email provider (Gmail, Outlook, ProtonMail Bridge, Fastmail, etc.) Gmail OAuth โ direct API access (currently invite-only during beta) Gmail Apps Script โ manual setup via script.google.com, no Google Cloud project needed
Limitations
Read and draft only โ no send, delete, or modify Gmail search syntax only (even for IMAP connections, queries are translated) Attachment content is not accessible (metadata can optionally be shown) Gmail OAuth is invite-only during beta; IMAP and Apps Script are open to all Hosted version is in beta
Links
Homepage: https://agentcloak.up.railway.app Source: https://github.com/ryanfren/AgentCloak License: BSL 1.1
Category context
Code helpers, APIs, CLIs, browser automation, testing, and developer operations.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
1 Docs
- SKILL.md