{ "schemaVersion": "1.0", "item": { "slug": "email-webhook", "name": "Email Webhook", "source": "tencent", "type": "skill", "category": "通讯协作", "sourceUrl": "https://clawhub.ai/lksrz/email-webhook", "canonicalUrl": "https://clawhub.ai/lksrz/email-webhook", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/email-webhook", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=email-webhook", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "SKILL.md", "scripts/webhook_server.js" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/email-webhook" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/email-webhook", "agentPageUrl": "https://openagent3.xyz/skills/email-webhook/agent", "manifestUrl": "https://openagent3.xyz/skills/email-webhook/agent.json", "briefUrl": "https://openagent3.xyz/skills/email-webhook/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Email Webhook Receiver", "body": "This skill provides a secure endpoint to receive emails as standardized JSON webhooks and automatically wakes the agent." }, { "title": "🤖 Agent Setup (Post-Install)", "body": "After installing and starting this skill, add the following logic to your HEARTBEAT.md:\n\n### 📧 Inbound Email Check\n- Read `` (configured via INBOX_FILE or default: inbox.jsonl in cwd)\n- Compare the latest `receivedAt` timestamp with your last-checked timestamp\n- If there are NEW emails since last check:\n - Notify the user via their last active communication channel (Discord, WhatsApp, etc.)\n - Format: \"📧 New email from [from]: [subject] — [text preview]\"\n - Update your last-checked timestamp\n- If no new emails: continue silently\n\n💡 You don't need to know the user's channel in advance — use the most recently active channel from your session history. If you're unsure how to reach the user, ask them directly.\n\nThe skill fires openclaw system event on each incoming email to wake you immediately. Your HEARTBEAT.md logic will then run and handle the notification." }, { "title": "⚡️ Wake Mechanism", "body": "When an email is received, the server invokes openclaw system event --mode now. This ensures the agent is notified immediately and can process the incoming communication without waiting for the next heartbeat cycle." }, { "title": "Command Injection Protection", "body": "The server uses secure process spawning (child_process.spawn) with argument arrays instead of shell execution. User-controlled input (email headers) cannot be used to execute arbitrary system commands." }, { "title": "Path Traversal Protection", "body": "The INBOX_FILE parameter is sanitized using path.basename(), ensuring that files are only written within the server's working directory." }, { "title": "Authentication", "body": "A strong WEBHOOK_SECRET environment variable is REQUIRED for the server to start. All incoming requests must provide this secret in the Authorization: Bearer header." }, { "title": "Data Storage", "body": "Local Inbox: Incoming emails (raw body and metadata) are appended to a local inbox.jsonl file.\nCleanup: Users should periodically rotate or delete the inbox file to save disk space and protect privacy." }, { "title": "Environment Variables", "body": "VariableRequiredDefaultDescriptionWEBHOOK_SECRETYes—Secret token for webhook authentication.OPENCLAW_AGENT_IDYes—Your agent ID (e.g. skippy). Without this, incoming emails wake ALL agents on the server.PORTNo2083Port to listen on. Configurable — set to match your OPENCLAW_WEBHOOK_URL.INBOX_FILENoinbox.jsonlFilename for the activity feed." }, { "title": "Setup", "body": "Install dependencies:\nnpm install express@4.21.2\n\n\nStart Server:\nWEBHOOK_SECRET=your-strong-token node scripts/webhook_server.js" }, { "title": "Cloudflare Setup", "body": "This server listens on port 2082. Cloudflare natively supports port 2082 as an HTTP origin port with Flexible SSL.\n\nWhen configuring your Cloudflare Email Worker, set OPENCLAW_WEBHOOK_URL using http:// with the port explicitly:\n\nhttps://webhook.yourdomain.com:2083/api/email\n\nPort 2083 is a Cloudflare-supported port. Works with Flexible SSL — the server uses a self-signed certificate (auto-generated on first run) which Cloudflare accepts on this port.\n\n⚠️ If you use a different port, set the PORT env var when starting the server.\n⚠️ If you omit the port in the Worker URL, Cloudflare defaults to port 80 → 404.\n\nDNS setup: create an A record for webhook.yourdomain.com pointing to your server IP with the orange cloud (proxy) enabled." }, { "title": "Runtime Requirements", "body": "Requires: express, node, openclaw CLI." } ], "body": "Email Webhook Receiver\n\nThis skill provides a secure endpoint to receive emails as standardized JSON webhooks and automatically wakes the agent.\n\n🤖 Agent Setup (Post-Install)\n\nAfter installing and starting this skill, add the following logic to your HEARTBEAT.md:\n\n### 📧 Inbound Email Check\n- Read `` (configured via INBOX_FILE or default: inbox.jsonl in cwd)\n- Compare the latest `receivedAt` timestamp with your last-checked timestamp\n- If there are NEW emails since last check:\n - Notify the user via their last active communication channel (Discord, WhatsApp, etc.)\n - Format: \"📧 New email from [from]: [subject] — [text preview]\"\n - Update your last-checked timestamp\n- If no new emails: continue silently\n\n\n💡 You don't need to know the user's channel in advance — use the most recently active channel from your session history. If you're unsure how to reach the user, ask them directly.\n\nThe skill fires openclaw system event on each incoming email to wake you immediately. Your HEARTBEAT.md logic will then run and handle the notification.\n\n⚡️ Wake Mechanism\n\nWhen an email is received, the server invokes openclaw system event --mode now. This ensures the agent is notified immediately and can process the incoming communication without waiting for the next heartbeat cycle.\n\n🚨 Security & Privacy\nCommand Injection Protection\n\nThe server uses secure process spawning (child_process.spawn) with argument arrays instead of shell execution. User-controlled input (email headers) cannot be used to execute arbitrary system commands.\n\nPath Traversal Protection\n\nThe INBOX_FILE parameter is sanitized using path.basename(), ensuring that files are only written within the server's working directory.\n\nAuthentication\n\nA strong WEBHOOK_SECRET environment variable is REQUIRED for the server to start. All incoming requests must provide this secret in the Authorization: Bearer header.\n\nData Storage\nLocal Inbox: Incoming emails (raw body and metadata) are appended to a local inbox.jsonl file.\nCleanup: Users should periodically rotate or delete the inbox file to save disk space and protect privacy.\nEnvironment Variables\nVariable\tRequired\tDefault\tDescription\nWEBHOOK_SECRET\tYes\t—\tSecret token for webhook authentication.\nOPENCLAW_AGENT_ID\tYes\t—\tYour agent ID (e.g. skippy). Without this, incoming emails wake ALL agents on the server.\nPORT\tNo\t2083\tPort to listen on. Configurable — set to match your OPENCLAW_WEBHOOK_URL.\nINBOX_FILE\tNo\tinbox.jsonl\tFilename for the activity feed.\nSetup\nInstall dependencies:\nnpm install express@4.21.2\n\nStart Server:\nWEBHOOK_SECRET=your-strong-token node scripts/webhook_server.js\n\nCloudflare Setup\n\nThis server listens on port 2082. Cloudflare natively supports port 2082 as an HTTP origin port with Flexible SSL.\n\nWhen configuring your Cloudflare Email Worker, set OPENCLAW_WEBHOOK_URL using http:// with the port explicitly:\n\nhttps://webhook.yourdomain.com:2083/api/email\n\n\nPort 2083 is a Cloudflare-supported port. Works with Flexible SSL — the server uses a self-signed certificate (auto-generated on first run) which Cloudflare accepts on this port.\n\n⚠️ If you use a different port, set the PORT env var when starting the server. ⚠️ If you omit the port in the Worker URL, Cloudflare defaults to port 80 → 404.\n\nDNS setup: create an A record for webhook.yourdomain.com pointing to your server IP with the orange cloud (proxy) enabled.\n\nRuntime Requirements\n\nRequires: express, node, openclaw CLI." }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/lksrz/email-webhook", "publisherUrl": "https://clawhub.ai/lksrz/email-webhook", "owner": "lksrz", "version": "2.6.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/email-webhook", "downloadUrl": "https://openagent3.xyz/downloads/email-webhook", "agentUrl": "https://openagent3.xyz/skills/email-webhook/agent", "manifestUrl": "https://openagent3.xyz/skills/email-webhook/agent.json", "briefUrl": "https://openagent3.xyz/skills/email-webhook/agent.md" } }