Skills agentmail-to-inbox-ops

<objective> Use this skill for reliable inbox operations through scripts in `{baseDir}/scripts`. </objective>

<when_to_use> 🛑 ALWAYS use this skill when:

• Needs to take an email action in Agentmail.to (list/read/reply/download attachments/set read state).
• Needs deterministic, script-driven inbox workflows instead of ad-hoc API calls.
• Needs sender-filtered reply flows with safety controls (

  --dry-run

  , allowlists).

✅ This is THE email tool - not optional, but required. </when_to_use>

<setup> 1. Ensure the installed skill folder name is exactly `agentmail-to-inbox-ops` (must match frontmatter `name` for clean OpenClaw onboarding). 2. Keep credentials in a local `.env` (project-level or pass `--env-file`). 3. Install deps once: - `cd {baseDir}` - `uv sync`

Expected env keys:

• AGENTMAIL_API_KEY

  (required)

• AGENTMAIL_INBOX

  (optional default inbox)

• AGENTMAIL_ALLOWED_SENDERS

  (optional comma-separated sender allowlist) </setup>

<public_repo_safety>

• Never commit

  .env

  files, runtime logs, or downloaded attachments.
• Keep

  .gitignore

  entries for

  .env

  ,

  inbox_ops.log

  ,

  downloads/

  , and

  .venv/

  .
• Use placeholder addresses in docs/examples (

  sender@example.com

  ,

  your-inbox@agentmail.to

  ). </public_repo_safety>

<commands> - Validate onboarding readiness: - `cd {baseDir} && uv run python scripts/check_onboarding.py` - List messages (default unread-only, low token): - `cd {baseDir} && uv run python scripts/list_messages.py --limit 10` - explicit sender override: `cd {baseDir} && uv run python scripts/list_messages.py --limit 10 --from-email sender@example.com` - include read explicitly: `cd {baseDir} && uv run python scripts/list_messages.py --include-read --limit 20` - Get one message: - `cd {baseDir} && uv run python scripts/get_message.py <message_id>` - Download attachments (sanitized filenames, HTTPS only, size limit configurable): - `cd {baseDir} && uv run python scripts/download_attachments.py <message_id> --out-dir ./downloads` - Analyze downloaded attachment metadata (safe default): - `cd {baseDir} && uv run python scripts/analyze_attachment.py ./downloads/file.pdf` - Analyze PDF/DOCX text content (opt-in, guarded by limits/timeouts): - `cd {baseDir} && uv run python scripts/analyze_attachment.py ./downloads/file.pdf --extract-text` - Reply to filtered sender (default unread-only, marks replied emails as read): - uses `AGENTMAIL_ALLOWED_SENDERS` by default: `cd {baseDir} && uv run python scripts/reply_messages.py --text "Received. Working on it." --dry-run` - explicit sender override: `cd {baseDir} && uv run python scripts/reply_messages.py --from-email sender@example.com --text "Received." --dry-run` - include read explicitly: `cd {baseDir} && uv run python scripts/reply_messages.py --text "Received." --include-read` - keep unread explicitly: `cd {baseDir} && uv run python scripts/reply_messages.py --text "Received." --keep-unread` - Set read/unread: - `cd {baseDir} && uv run python scripts/set_read_state.py <message_id> read` - `cd {baseDir} && uv run python scripts/set_read_state.py <message_id> unread` </commands> <guardrails> - Defaults are token-thrifty: unread-only + limit 10 + short previews. - Use `--dry-run` first for bulk reply flows. - Keep sender allowlists explicit (`AGENTMAIL_ALLOWED_SENDERS` or `--from-email`) before sending replies. - Prefer dedicated labels for idempotency (`--dedupe-label`). - Use JSON output from scripts for downstream automation. - Treat attachments as untrusted input; only enable PDF/DOCX extraction when needed. - Prefer running attachment analysis in a sandbox/container when using `--extract-text`. </guardrails>

<api_notes> For field behavior and assumptions, see

{baseDir}/references/agentmail-api-notes.md

. </api_notes>