什么是 clawback？

clawback 是一款专门的安全代理，旨在为 Gmail 操作提供安全接口。它充当用户（或 AI 智能体）与 Gmail API 之间的守门人，确保每项操作（无论是读取、搜索还是发送邮件）都符合预定义的组织策略。通过将所有流量路由经过服务端代理，clawback 提供了强大的审计跟踪功能，并防止未经授权的数据外泄。

该实用工具对于 AI 智能体处理通信的环境特别强大。它引入了人工介入机制，拦截向外部域发送邮件等敏感操作，并将其挂起等待人工审批。这确保了智能体在保持生产力的同时，在使用 Openclaw Skills 时处于安全的操作边界内。

下载入口:https://github.com/openclaw/skills/tree/main/skills/rotemtam/clawback-gmail

安装与下载

1. ClawHub CLI

从源直接安装技能的最快方式。

2. 手动安装

将技能文件夹复制到以下位置之一

优先级：工作区 > 本地 > 内置

3. 提示词安装

将此提示词复制到 OpenClaw 即可自动安装。

clawback 应用场景

• 对 AI 智能体发送的所有出站电子邮件强制执行组织安全策略。
• 审计 Gmail 交互以维护通信历史和合规性的清晰记录。
• 为删除邮件或发送给特定收件人等敏感操作实施审批工作流。
• 通过自动分页和 JSON 输出搜索并管理大量的邮件线程。
• 通过标准化的 CLI 界面安全地管理 Gmail 标签、草稿和附件。

1. 用户或智能体通过 clawback CLI 工具发起 Gmail 命令。
2. 请求被路由到服务端代理，代理根据活动安全策略评估该操作。
3. 如果策略需要人工干预（例如 approve_before_send），命令将暂停并返回退出代码 8。
4. 人工审核员通过仪表板或邮件链接批准或拒绝该操作。
5. 批准后，代理执行请求的 Gmail 操作并记录交易以用于审计。

clawback 配置指南

首先，使用官方安装脚本安装工具：

curl -fsSL https://clawback.sh/install | bash

通过设备流使用您的 Google 账号进行身份验证：

clawback auth login

验证您的连接状态以确保代理可访问：

clawback auth status

（可选）如果使用私有代理实例，请配置服务器环境变量：

export CB_SERVER=https://your-server.example.com

clawback 数据架构与分类体系

clawback 对 Gmail 数据采用结构化处理方法，侧重于 JSON 输出，以便与其他 Openclaw Skills 无缝集成。

常用的数据操作标志包括用于投影特定字段的 --select 和用于返回不带外壳的原始数据数组的 --results-only。

name: clawback
description: Gmail security proxy with policy enforcement, approval workflows, and audit logging. Use when the user wants to read, search, or send Gmail with guardrails — send actions may require human approval before executing.
homepage: https://clawback.sh
metadata:
  {
    "openclaw":
      {
        "emoji": "???",
        "requires": { "bins": ["clawback"] },
        "install": [],
      },
  }

clawback

Use clawback for Gmail with policy enforcement. All operations go through a server-side proxy that enforces policies and logs an audit trail. Sends may require human approval.

Install (if not already installed)

curl -fsSL https://clawback.sh/install | bash

Setup (once)

• clawback auth login (device flow — opens browser)
• clawback auth status (verify connection)

Common commands

• Gmail search: clawback gmail search 'newer_than:7d' --max 10
• Gmail search (all pages): clawback gmail search 'from:boss@company.com' --all --json
• Gmail get message: clawback gmail get --json
• Gmail send (plain): clawback gmail send --to a@b.com --subject "Hi" --body "Hello"
• Gmail send (multi-line): clawback gmail send --to a@b.com --subject "Hi" --body-file ./message.txt
• Gmail send (stdin): clawback gmail send --to a@b.com --subject "Hi" --body-file -
• Gmail send (HTML): clawback gmail send --to a@b.com --subject "Hi" --body-html "

  Hello

  "
• Gmail send (reply): clawback gmail send --to a@b.com --subject "Re: Hi" --body "Reply" --reply-to-message-id --thread-id
• Gmail send (attachment): clawback gmail send --to a@b.com --subject "Report" --body "See attached" --attach ./report.pdf
• Thread list: clawback gmail thread list 'subject:meeting' --max 20
• Thread get: clawback gmail thread get --json
• Thread modify labels: clawback gmail thread modify --add STARRED --remove UNREAD
• Labels list: clawback gmail labels list
• Labels create: clawback gmail labels create --name "Important/Clients"
• Labels modify message: clawback gmail labels modify --add STARRED --remove UNREAD
• Drafts list: clawback gmail drafts list --json
• Drafts create: clawback gmail drafts create --to a@b.com --subject "Draft" --body "WIP"
• Drafts send: clawback gmail drafts send (may trigger approval — exit code 8)
• Drafts delete: clawback gmail drafts delete
• Download attachment: clawback gmail attachment --out ./file.pdf
• History: clawback gmail history --since --max 50
• Batch delete: clawback gmail batch delete
• Batch modify: clawback gmail batch modify --add INBOX --remove SPAM
• Settings filters list: clawback gmail settings filters list --json
• Settings send-as list: clawback gmail settings send-as list
• Settings vacation get: clawback gmail settings vacation get
• Settings forwarding list: clawback gmail settings forwarding list
• Settings delegates list: clawback gmail settings delegates list
• Approvals list: clawback approvals list --status pending --json
• Approvals get: clawback approvals get --json
• Policy list: clawback policy list --json

Approval Flow

Sends may be intercepted by an approve_before_send policy. When this happens:

1. The send command exits with code 8 and prints the approval ID
2. Check status: clawback approvals get --json
3. A human must approve via the dashboard or email link
4. Once approved, the server sends the email automatically
5. If rejected or expired, inform the user

Exit Codes

• 0: success
• 1: unexpected error
• 3: no results (with --fail-empty)
• 4: not authenticated — run clawback auth login
• 6: blocked by policy (read_only) — inform user
• 8: pending approval — poll clawback approvals get until resolved
• 130: cancelled

Notes

• Set CB_SERVER=https://your-server.example.com to override the default server.
• For scripting, prefer --json plus --no-input plus --fail-empty.
• --connection selects which Gmail connection to use; auto-detected if you have one connection.
• --all auto-paginates search results (gmail search and thread list).
• --select field1,field2 projects JSON output to specific fields.
• --results-only strips the envelope and returns just the data array.
• Confirm before sending mail. If exit code is 8, do not retry — wait for human approval.