# Send Email Importance Content Analysis to your agent Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually. ## Fast path - Download the package from Yavira. - Extract it into a folder your agent can access. - Paste one of the prompts below and point your agent at the extracted folder. ## Suggested prompts ### New install ```text I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete. ``` ### Upgrade existing ```text I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run. ``` ## Machine-readable fields ```json { "schemaVersion": "1.0", "item": { "slug": "email-importance-content-analysis", "name": "Email Importance Content Analysis", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/shingo0620/email-importance-content-analysis", "canonicalUrl": "https://clawhub.ai/shingo0620/email-importance-content-analysis", "targetPlatform": "OpenClaw" }, "install": { "downloadUrl": "/downloads/email-importance-content-analysis", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=email-importance-content-analysis", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "packageFormat": "ZIP package", "primaryDoc": "SKILL.md", "includedAssets": [ "CHANGELOG.md", "SKILL.md" ], "downloadMode": "redirect", "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-30T16:55:25.780Z", "expiresAt": "2026-05-07T16:55:25.780Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=network", "contentDisposition": "attachment; filename=\"network-1.0.0.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/email-importance-content-analysis" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] } }, "links": { "detailUrl": "https://openagent3.xyz/skills/email-importance-content-analysis", "downloadUrl": "https://openagent3.xyz/downloads/email-importance-content-analysis", "agentUrl": "https://openagent3.xyz/skills/email-importance-content-analysis/agent", "manifestUrl": "https://openagent3.xyz/skills/email-importance-content-analysis/agent.json", "briefUrl": "https://openagent3.xyz/skills/email-importance-content-analysis/agent.md" } } ``` ## Documentation ### Email Importance Content Analysis Use a subject/title-first triage, then perform technical verification (headers/links/attachments) only when warranted, and only then validate with content analysis. Treat sender display name, badges, labels, and “From” appearance as untrusted. ### 1) Title/subject + sender triage (cheap first-pass) Use only: subject line + sender (display name + email address/domain as shown). Do not click anything. Important: treat sender as weak signal (can be spoofed). Use it for triage only. 1A) Fast-drop rules (save time) If the sender looks obviously sloppy/spoofed AND the email is not expected, classify as Likely scam/ads and stop (do not spend time on technical verification). Examples of fast-drop signals: Display name claims a bank/government/major brand but the address is from a free mailbox (gmail/outlook/163/qq) or unrelated domain Lookalike domains / typo-squatting: paypaI (I/l), micros0ft (0/O), extra -secure/-verify, weird punctuation Suspicious TLDs or brand stuffed into subdomain: brand.security-check.example.com Very unprofessional local-part patterns (random digits/strings) while claiming official identity Pure promo patterns (promo/marketing/news) + obvious sales subject ⇒ treat as ads 1B) Escalate rules (to technical verification) Escalate for technical verification if subject OR sender implies any of: Money/settlement: 扣款/圈存/付款/退款/發票/帳單/對帳單/繳費 Account/security: 登入/驗證/密碼重設/異常登入/停權/封鎖/安全警告 Delivery/download: 文件下載/取件號碼/包裹/物流失敗 Urgency/threat: 最後通知/24小時內/立即/否則將… Execution: 附件/請下載/請開啟/啟用巨集 If the subject is clearly marketing/newsletter and no action is implied ⇒ usually stop here (Low). If it triggers the fast-drop rules, you may label it as: Importance: Low Risk: Medium–High (spoof attempt) Next step: Do not click; optionally mark as spam/block ### 2) Technical verification (only for emails that passed title triage) Prefer evaluating raw email headers / “Show original” output (or via gog gmail get). Check: Authentication-Results: SPF / DKIM / DMARC results (pass|fail|neutral) and note which domain they authenticate Alignment: whether DKIM d= domain / SPF MAIL FROM / DMARC aligns with the visible From domain From vs Reply-To mismatch Links and attachments: Expand the real target domain (hover/copy link) — don’t trust anchor text Note risky attachments (e.g., .zip, .iso, .js, .vbs, .docm, password-protected archives) If headers are not available, mark Technical verdict = Unknown and increase caution. ### 3) Extract the actionable claims (facts only) — only if technical verification passes From the email body, list: What happened / what they claim happened What they want the recipient to do (and by when) What account/system/money is involved What evidence they provide (order id, invoice id, ticket id, last-4 digits, timestamps) ### 4) Classify the required action (drives importance) Rank higher if it requires any of: Account access / authentication: login, password reset, 2FA codes, device approval Money movement: payment, wire, subscription renewal, invoice settlement, refunds Permissions / security posture: granting access, changing roles, API keys, OAuth consent Software execution: download/open an attachment, run a file, enable macros Data disclosure: personal/company info, documents, ID numbers ### 5) Content risk patterns (red flags) Increase risk if the content shows: Urgency / threat: “within 24h”, “account will be closed”, “legal action”, “final notice” Secrecy / bypass: “don’t tell others”, “use personal email”, “avoid normal process” Mismatch / vagueness: generic greeting, unclear context, missing specifics the real sender would know Odd requests: asking for OTP, gift cards, crypto, remote access, or direct bank changes Link/attachment pressure: “click to verify”, “download to view”, “enable macros” ### 6) Choose safe verification (do not trust the email path) Even if SPF/DKIM/DMARC pass, for sensitive actions recommend out-of-band verification: Navigate via known official entry points (typed URL, app, bookmark), not email links If it claims an account issue: check account status by logging in from official site/app If it’s a vendor/payment issue: verify using the invoice/order id inside the official portal If it’s workplace related: verify via internal chat/phone using known contacts ### 7) Output: priority + next action Always provide: Title triage verdict: Escalate / Ignore Technical verdict: Pass / Fail / Unknown Importance level: Critical / High / Medium / Low Risk level: High (likely phishing) / Medium / Low Recommended next step: what to do now, what not to do, and how to verify ### Decision Heuristics (quick) Technical FAIL (SPF/DKIM/DMARC fail or obvious mismatch) + any call-to-action ⇒ Risk: High (treat as phishing) regardless of “importance”. Critical: money/credentials/permissions + urgency OR any request for OTP/macro/remote access. High: requires action soon, could cause loss of access/service interruption, but can be verified safely via official channels. Medium: informational but relevant; no immediate sensitive action. Low: newsletters, marketing, generic updates with no action. ### Response Template (use in replies) Title triage (why it escalates / why it can be ignored): Technical verification (SPF/DKIM/DMARC + alignment + From/Reply-To + link/attachment notes): Summary (1–2 lines): What it’s asking you to do: Why it may matter (impact if ignored): Red flags (if any): Safe verification path: Recommendation (do / don’t): ## Trust - Source: tencent - Verification: Indexed source record - Publisher: shingo0620 - Version: 1.0.1 ## Source health - Status: healthy - Source download looks usable. - Yavira can redirect you to the upstream package for this source. - Health scope: source - Reason: direct_download_ok - Checked at: 2026-04-30T16:55:25.780Z - Expires at: 2026-05-07T16:55:25.780Z - Recommended action: Download for OpenClaw ## Links - [Detail page](https://openagent3.xyz/skills/email-importance-content-analysis) - [Send to Agent page](https://openagent3.xyz/skills/email-importance-content-analysis/agent) - [JSON manifest](https://openagent3.xyz/skills/email-importance-content-analysis/agent.json) - [Markdown brief](https://openagent3.xyz/skills/email-importance-content-analysis/agent.md) - [Download page](https://openagent3.xyz/downloads/email-importance-content-analysis)