Fastmail API Operations
Setup
On first use, read setup.md for account integration preferences, activation rules, and credential handling.
When to Use
User needs to automate Fastmail through API calls: mailbox management, message search, draft/send flows, identity settings, contact operations, or calendar events. Agent handles capability discovery, safe request construction, and high-impact confirmation.
Architecture
Memory lives in ~/fastmail-api/. See memory-template.md for structure.
CODEBLOCK0
Quick Reference
Use these files when you need details beyond core operating rules.
| Topic | File |
|---|
| Setup flow | INLINECODE3 |
| Memory template |
memory-template.md |
| Session and method call patterns |
jmap-patterns.md |
| Mailbox and message workflows |
mail-workflows.md |
| Contacts and calendar operations |
calendar-contacts.md |
| Error handling and recovery |
troubleshooting.md |
Requirements
- - �INLINECODE9
- INLINECODE10
- INLINECODE11
- Optional:
FASTMAIL_API_BASE (defaults to https://api.fastmail.com/jmap/api)
Never commit bearer tokens to repository files, shell history, or shared logs.
Data Storage
- -
~/fastmail-api/memory.md for account ID, preferred defaults, and workflow context - INLINECODE15� for high-impact action history
- INLINECODE16� for payload backups before bulk updates
Core Rules
1. Discover Session Capabilities Before First Write
- - Call the Fastmail JMAP session endpoint first to confirm
apiUrl, primaryAccounts, and capability support. - Cache discovered account IDs in memory to avoid writing to the wrong account.
CODEBLOCK1
2. Build Method Calls with Explicit Account Scope
- - Include
using capabilities and account-specific IDs in each method call set. - Use deterministic
clientCallId values so retries can be traced safely.
CODEBLOCK2
3. Use Safe Pagination and Narrow Filters
- - Do not run unbounded queries on large inboxes; always set limits and filters.
- Prefer
Email/query plus Email/get windows over full mailbox dumps.
4. Confirm Destructive and Broad-Impact Actions
- - Confirm before mailbox deletes, message moves affecting many threads, identity updates, or bulk calendar edits.
- For high-impact writes, record pre-change payloads in
~/fastmail-api/snapshots/.
5. Treat Partial Failures as First-Class Results
- - Inspect
notCreated, notUpdated, and method-level errors after every write. - Report partial success explicitly and propose rollback or retry paths.
6. Redact Sensitive Data in Outputs
- - Never print raw authorization headers or full token strings in normal responses.
- Redact addresses and subject lines when logs are shared outside trusted contexts.
7. Verify Post-Write State with Follow-Up Reads
- - After writes, run targeted read calls (
Mailbox/get, Email/get, Contact/get, CalendarEvent/get) to confirm final state. - Only close tasks after state verification succeeds.
Safety Checklist
Before bulk updates, deletes, send flows, or identity changes:
- 1. Confirm target account ID and environment.
- Capture a request snapshot for rollback context.
- Confirm user intent for irreversible actions.
- Execute smallest safe batch first.
- Verify resulting state with read calls.
Fastmail API Traps
- - Skipping session discovery can send writes to an incorrect account ID.
- Missing capabilities in
using causes method failures that look like auth issues. - Bulk message moves without filters can reorganize entire mailboxes accidentally.
- Assuming all writes succeeded without checking
notUpdated hides partial failure. - Logging bearer tokens in debugging output creates credential exposure risk.
External Endpoints
Only the official Fastmail JMAP endpoints below are used by this skill.
| Endpoint | Data Sent | Purpose |
|---|
| INLINECODE32 | Bearer token in Authorization header | Discover API URLs, capabilities, and account IDs |
| INLINECODE33 |
JMAP method payloads for mail, mailbox, identity, contacts, and calendar operations | Execute read and write workflows |
No other data is sent externally.
Security & Privacy
Data that leaves your machine:
- - Authenticated JMAP payloads for mailbox, message, contact, and calendar operations
- Message metadata required for requested queries and write actions
Data that stays local:
- - Operational context in �INLINECODE34
- High-impact action history in �INLINECODE35
- Optional payload snapshots in �INLINECODE36
This skill does NOT:
- - Send undeclared API traffic
- Store bearer tokens in repository files
- Execute destructive writes without explicit confirmation
Trust
By using this skill, mailbox and calendar operation data is sent to Fastmail infrastructure.
Only install if you trust Fastmail with this operational data.
Related Skills
Install with
clawhub install <slug> if user confirms:
- -
api - Build robust HTTP request and response workflows for complex APIs - INLINECODE39� - Handle token lifecycle and secure delegated authorization flows
- INLINECODE40� - Plan high-quality email workflows, tone, and delivery structure
- INLINECODE41� - Orchestrate event-driven integrations that react to API-side changes
Feedback
- - If useful: �INLINECODE42
- Stay updated: �INLINECODE43
Fastmail API 操作
设置
首次使用时,请阅读 setup.md 了解账户集成偏好、激活规则和凭证处理。
使用时机
用户需要通过API调用自动化Fastmail:邮箱管理、邮件搜索、草稿/发送流程、身份设置、联系人操作或日历事件。代理负责能力发现、安全请求构建和高影响操作确认。
架构
内存文件位于 ~/fastmail-api/。结构请参见 memory-template.md。
text
~/fastmail-api/
├── memory.md # 账户上下文、ID和操作偏好
├── request-log.md # 高影响API操作及结果
└── snapshots/ # 批量写入前的可选负载备份
快速参考
当需要超出核心操作规则的详细信息时,请使用以下文件。
memory-template.md |
| 会话和方法调用模式 | jmap-patterns.md |
| 邮箱和邮件工作流 | mail-workflows.md |
| 联系人和日历操作 | calendar-contacts.md |
| 错误处理与恢复 | troubleshooting.md |
要求
- - curl
- jq
- FASTMAILAPITOKEN
- 可选:FASTMAILAPIBASE(默认为 https://api.fastmail.com/jmap/api)
切勿将承载令牌提交到仓库文件、shell历史记录或共享日志中。
数据存储
- - ~/fastmail-api/memory.md:账户ID、首选默认值和工作流上下文
- ~/fastmail-api/request-log.md:高影响操作历史
- ~/fastmail-api/snapshots/:批量更新前的负载备份
核心规则
1. 首次写入前发现会话能力
- - 首先调用Fastmail JMAP会话端点,确认 apiUrl、primaryAccounts 和能力支持。
- 将发现的账户ID缓存到内存中,避免写入错误账户。
bash
curl -sS https://api.fastmail.com/jmap/session \
-H Authorization: Bearer $FASTMAILAPITOKEN | jq
2. 构建带显式账户范围的方法调用
- - 在每个方法调用集中包含 using 能力和特定于账户的ID。
- 使用确定性的 clientCallId 值,以便安全追踪重试。
bash
curl -sS ${FASTMAILAPIBASE:-https://api.fastmail.com/jmap/api} \
-H Authorization: Bearer $FASTMAILAPITOKEN \
-H Content-Type: application/json \
-d {
using: [urn:ietf:params:jmap:mail, urn:ietf:params:jmap:core],
methodCalls: [
[Mailbox/get, {accountId: u123, ids: null}, c1]
]
} | jq
3. 使用安全分页和窄范围过滤器
- - 不要对大型收件箱运行无限制查询;始终设置限制和过滤器。
- 优先使用 Email/query 加 Email/get 窗口,而非完整邮箱转储。
4. 确认破坏性和广泛影响的操作
- - 在删除邮箱、移动影响多个线程的邮件、更新身份或批量日历编辑前进行确认。
- 对于高影响写入,将变更前负载记录在 ~/fastmail-api/snapshots/ 中。
5. 将部分失败视为一等结果
- - 每次写入后检查 notCreated、notUpdated 和方法级错误。
- 明确报告部分成功,并提出回滚或重试路径。
6. 在输出中脱敏敏感数据
- - 切勿在正常响应中打印原始授权头或完整令牌字符串。
- 在共享日志到可信上下文之外时,脱敏地址和主题行。
7. 通过后续读取验证写入后状态
- - 写入后,运行目标读取调用(Mailbox/get、Email/get、Contact/get、CalendarEvent/get)确认最终状态。
- 仅在状态验证成功后关闭任务。
安全检查清单
在批量更新、删除、发送流程或身份变更前:
- 1. 确认目标账户ID和环境。
- 捕获请求快照以备回滚。
- 确认用户对不可逆操作的意图。
- 首先执行最小的安全批次。
- 通过读取调用验证结果状态。
Fastmail API 陷阱
- - 跳过会话发现可能导致写入错误账户ID。
- using 中缺少能力会导致方法失败,看起来像认证问题。
- 无过滤器的批量邮件移动可能意外重组整个邮箱。
- 假设所有写入成功而不检查 notUpdated 会隐藏部分失败。
- 在调试输出中记录承载令牌会造成凭证暴露风险。
外部端点
本技能仅使用以下官方Fastmail JMAP端点。
| 端点 | 发送的数据 | 用途 |
|---|
| https://api.fastmail.com/jmap/session | Authorization头中的承载令牌 | 发现API URL、能力和账户ID |
| https://api.fastmail.com/jmap/api |
邮件、邮箱、身份、联系人和日历操作的JMAP方法负载 | 执行读写工作流 |
不发送其他数据到外部。
安全与隐私
离开您机器的数据:
- - 邮箱、邮件、联系人和日历操作的已认证JMAP负载
- 请求查询和写入操作所需的邮件元数据
保留在本地数据:
- - ~/fastmail-api/memory.md 中的操作上下文
- ~/fastmail-api/request-log.md 中的高影响操作历史
- ~/fastmail-api/snapshots/ 中的可选负载快照
本技能不会:
- - 发送未声明的API流量
- 在仓库文件中存储承载令牌
- 未经明确确认执行破坏性写入
信任
使用本技能,邮箱和日历操作数据将被发送到Fastmail基础设施。
仅当您信任Fastmail处理此操作数据时才安装。
相关技能
如果用户确认,使用 clawhub install
安装:
- - api - 为复杂API构建健壮的HTTP请求和响应工作流
- oauth - 处理令牌生命周期和安全委托授权流程
- mail - 规划高质量的电子邮件工作流、语气和投递结构
- webhook - 编排响应API端变化的事件驱动集成
反馈
- - 如果有用:clawhub star fastmail-api
- 保持更新:clawhub sync
