opendatahub-io/gmail-draft
helpers/skills/gmail-draft/SKILL.md
Use this skill to compose a Gmail draft from text content in the conversation. Accepts a body, recipient list, and subject — either from the user or from context — and creates a draft in the user's Gmail Drafts folder via gws.
$ install --global
skillsauthnpx skillsauth add opendatahub-io/ai-helpers gmail-draftInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: May 2, 2026, 6:15 AM66.4s2 files scanned
SKILL.md
- name:
- gmail-draft
- description:
- >-
- argument-hint:
- [subject]
- allowed-tools:
- Bash, AskUserQuestion
- user-invocable:
- true
- author:
- dhellman
- version:
- 1.0
- tags:
- gmail, email, draft, google-workspace
Gmail Draft
Compose a Gmail draft from text content provided in the conversation.
Prerequisites
gwsbinary must be on$PATH- Authenticated with Gmail compose scope: run
gws auth login(not--readonly)
If gws is not installed or authentication fails, tell the user to follow the
setup instructions in the google-workspace skill.
Helper scripts are located in ${CLAUDE_SKILL_DIR} and require Python 3.10+.
Step 1: Gather Recipients, Subject, and Body
Collect the three required inputs. Sources depend on how the skill was invoked:
- From another skill (e.g.
email-meeting-summary): recipients, subject, and body are passed in context — use them directly. - Standalone invocation: use
AskUserQuestionto collect any that are missing:- Recipients: "Who should receive this email? (comma-separated addresses)"
- Subject: "What should the subject line be?"
- Body: "Paste or describe the content you want in the email body."
Step 2: Present for Review
Show the user the draft details before creating:
To: <recipients>
Subject: <subject>
<body>
Ask:
"Does this look right? Reply with any edits, or say 'send' to create the draft."
Incorporate edits and re-present until the user approves.
Step 3: Create the Draft
Write the body to a temp file, then call create_draft.py:
BODY_FILE=$(mktemp /tmp/gmail_draft_body.XXXXXX)
cat > "$BODY_FILE" << 'BODY_EOF'
<approved body text>
BODY_EOF
python3 "${CLAUDE_SKILL_DIR}/scripts/create_draft.py" \
--to "<recipients>" \
--subject "<subject>" \
--body-file "$BODY_FILE"
Step 4: Confirm
On success, tell the user:
"Draft created. You can find it in the Drafts folder in Gmail at https://mail.google.com/mail/#drafts. Review it before sending."
If the script exits with an error, show the error message and suggest the user
check gws auth login permissions (the Gmail scope must include draft
creation).
Error Reference
| Situation | Action |
|---|---|
| gws not found | Tell user to install gws and add it to PATH |
| Auth error (401/403) | Tell user to run gws auth login (without --readonly) |
| create_draft.py fails | Show error; check Gmail scope in gws auth login |
Related Skills
opendatahub-io/python-packaging-static-audit
development
VerifiedTrustedCommunity
Run hexora static analysis on a Python package repository to detect suspicious code patterns, then triage findings with deterministic rules and AI reasoning to produce a structured risk report section.
30SKILL.mdUpdated May 30, 2026
opendatahub-io/python-packaging-git-audit
development
VerifiedTrustedCommunity
Inspect recent git history of a Python package repository for suspicious commits touching supply-chain-sensitive files, then triage findings with AI reasoning to produce a structured risk report section.
30SKILL.mdUpdated May 30, 2026
opendatahub-io/python-packaging-binary-audit
development
VerifiedTrustedCommunity
Scan a Python package repository for compiled/binary files using Fromager-style detection and malcontent YARA analysis, then triage findings with deterministic rules and AI reasoning to produce a structured risk report section.
30SKILL.mdUpdated May 30, 2026
opendatahub-io/non-redhat-rpms
testing
VerifiedTrustedCommunity
Use this skill to identify non-Red Hat RPM packages installed in container images or on the local machine. For containers, pulls images across multiple architectures and release tags; for local scans, inspects the host directly. Extracts RPM signing metadata and reports packages not signed with the Red Hat GPG key as CSV output. Use when auditing compliance, checking supply-chain provenance, or scanning for third-party RPMs in RHOAI component images.
30SKILL.mdUpdated May 29, 2026