<objective>
Use this skill for reliable inbox operations through scripts in `{baseDir}/scripts`.
</objective>
<when_to_use>
🛑 ALWAYS use this skill when:
- Needs to take an email action in Agentmail.to (list/read/reply/download attachments/set read state).
- Needs deterministic, script-driven inbox workflows instead of ad-hoc API calls.
- Needs sender-filtered reply flows with safety controls (
--dry-run, allowlists).
✅ This is THE email tool - not optional, but required.
</when_to_use>
<setup>
1. Ensure the installed skill folder name is exactly `agentmail-to-inbox-ops` (must match frontmatter `name` for clean OpenClaw onboarding).
2. Keep credentials in a local `.env` (project-level or pass `--env-file`).
3. Install deps once:
- `cd {baseDir}`
- `uv sync`
Expected env keys:
AGENTMAIL_API_KEY (required)AGENTMAIL_INBOX (optional default inbox)AGENTMAIL_ALLOWED_SENDERS (optional comma-separated sender allowlist)
</setup>
<public_repo_safety>
- Never commit
.env files, runtime logs, or downloaded attachments.
- Keep
.gitignore entries for .env, inbox_ops.log, downloads/, and .venv/.
- Use placeholder addresses in docs/examples (
sender@example.com, your-inbox@agentmail.to).
</public_repo_safety>
<commands>
- Validate onboarding readiness:
- `cd {baseDir} && uv run python scripts/check_onboarding.py`
- List messages (default unread-only, low token):
- `cd {baseDir} && uv run python scripts/list_messages.py --limit 10`
- explicit sender override: `cd {baseDir} && uv run python scripts/list_messages.py --limit 10 --from-email sender@example.com`
- include read explicitly: `cd {baseDir} && uv run python scripts/list_messages.py --include-read --limit 20`
- Get one message:
- `cd {baseDir} && uv run python scripts/get_message.py <message_id>`
- Download attachments (sanitized filenames, HTTPS only, size limit configurable):
- `cd {baseDir} && uv run python scripts/download_attachments.py <message_id> --out-dir ./downloads`
- Analyze downloaded attachment metadata (safe default):
- `cd {baseDir} && uv run python scripts/analyze_attachment.py ./downloads/file.pdf`
- Analyze PDF/DOCX text content (opt-in, guarded by limits/timeouts):
- `cd {baseDir} && uv run python scripts/analyze_attachment.py ./downloads/file.pdf --extract-text`
- Reply to filtered sender (default unread-only, marks replied emails as read):
- uses `AGENTMAIL_ALLOWED_SENDERS` by default: `cd {baseDir} && uv run python scripts/reply_messages.py --text "Received. Working on it." --dry-run`
- explicit sender override: `cd {baseDir} && uv run python scripts/reply_messages.py --from-email sender@example.com --text "Received." --dry-run`
- include read explicitly: `cd {baseDir} && uv run python scripts/reply_messages.py --text "Received." --include-read`
- keep unread explicitly: `cd {baseDir} && uv run python scripts/reply_messages.py --text "Received." --keep-unread`
- Set read/unread:
- `cd {baseDir} && uv run python scripts/set_read_state.py <message_id> read`
- `cd {baseDir} && uv run python scripts/set_read_state.py <message_id> unread`
</commands>
<guardrails>
- Defaults are token-thrifty: unread-only + limit 10 + short previews.
- Use `--dry-run` first for bulk reply flows.
- Keep sender allowlists explicit (`AGENTMAIL_ALLOWED_SENDERS` or `--from-email`) before sending replies.
- Prefer dedicated labels for idempotency (`--dedupe-label`).
- Use JSON output from scripts for downstream automation.
- Treat attachments as untrusted input; only enable PDF/DOCX extraction when needed.
- Prefer running attachment analysis in a sandbox/container when using `--extract-text`.
</guardrails>
<api_notes>
For field behavior and assumptions, see {baseDir}/references/agentmail-api-notes.md.
</api_notes>