read-no-evil-mcp

✓Verified·Scanned 2/18/2026

Provides secure email access with local prompt-injection scanning and a CLI to list, read, send, and move mail. It reads ~/.config/read-no-evil-mcp/config.yaml and ~/.config/read-no-evil-mcp/.env, uses RNOE_ACCOUNT_{ACCOUNT_ID}_PASSWORD, and connects to configured IMAP/SMTP hosts such as mail.example.com.

from clawhub.ai·v87f8c6a·14.0 KB·0 installs

Scanned from 0.2.0 at 87f8c6a · Transparency log ↗

$ vett add clawhub.ai/thekie/read-no-evil-mcp

Clawbot Skill: read-no-evil-mcp

Secure email access for Clawbot with prompt injection protection.

Uses read-no-evil-mcp to scan emails for prompt injection attacks before your AI agent sees them.

Features

📧 List, read, send, and move emails via IMAP/SMTP
🛡️ Automatic prompt injection detection using ML
🔒 Local inference — no data sent to external APIs
⚙️ Configurable permissions per account

Installation

Via ClawHub

clawhub install read-no-evil-mcp

Manual

git clone https://github.com/thekie/read-no-evil-clawbot-skill.git ~/.clawbot/skills/read-no-evil-mcp
pip install "read-no-evil-mcp==0.2.0"

Note: Skill version matches the required read-no-evil-mcp package version.

Configuration

1. Create config file

Create ~/.config/read-no-evil-mcp/config.yaml:

accounts:
  - id: "default"
    type: "imap"
    host: "mail.example.com"
    port: 993
    username: "you@example.com"
    ssl: true
    permissions:
      read: true
      send: false
      delete: false
      move: false
    smtp_host: "mail.example.com"
    smtp_port: 587
    from_address: "you@example.com"
    from_name: "Your Name"

2. Set credentials

Create ~/.config/read-no-evil-mcp/.env:

RNOE_ACCOUNT_DEFAULT_PASSWORD=your-password

The environment variable format is RNOE_ACCOUNT_{ACCOUNT_ID}_PASSWORD (uppercase).

Usage

# List recent emails
rnoe-mail.py list

# List with options
rnoe-mail.py list --limit 10 --days 7

# Read email (scanned for prompt injection!)
rnoe-mail.py read <uid>

# Send email (requires send permission)
rnoe-mail.py send --to "user@example.com" --subject "Hello" --body "Message"

# List folders
rnoe-mail.py folders

# Move email to folder
rnoe-mail.py move <uid> --to "Archive"

Prompt Injection Detection

All emails are automatically scanned before content is shown:

Safe email: Content is displayed normally
Injection detected: Exit code 2, shows score and patterns

The detection uses ProtectAI's DeBERTa model running locally.

Permissions

Configure what operations are allowed per account:

Permission	Description
`read`	List and read emails
`send`	Send emails via SMTP
`delete`	Delete emails (use with caution!)
`move`	Move emails between folders

All permissions default to false except read.

Security Notes

🔐 Credentials stored locally, never transmitted
🤖 ML model runs locally — no external API calls
⚠️ Enable write permissions only when needed
📝 Consider using app-specific passwords

Credits

read-no-evil-mcp — The underlying secure email library
ProtectAI — Prompt injection detection model

License

Apache 2.0 — See LICENSE