beehiiv
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent action with this key may be able to access or operate the connected beehiiv resources allowed by the OAuth connection.
The skill requires a bearer API key that authorizes requests through Maton to the connected beehiiv account.
All requests require the Maton API key in the Authorization header: Authorization: Bearer $MATON_API_KEY
Store the key securely, do not paste it into public chats or logs, rotate it if exposed, and connect only the intended beehiiv account.
Mistaken write actions could change newsletter data, subscriber lists, automations, or published content.
The skill can affect subscriber records, newsletter content, segmentation, and automations, which are high-impact account operations even though they match the stated purpose.
Manage newsletter publications, subscriptions, posts, custom fields, segments, tiers, and automations.
Before any create, update, delete, publish, or automation-related action, review the target publication/account, exact resource, and intended effect.
Using the skill means trusting Maton as a gateway for beehiiv API requests and OAuth token handling.
Requests and response data flow through the Maton API gateway before reaching beehiiv, so newsletter and subscriber data may be handled by that intermediary service.
Maton proxies requests to `api.beehiiv.com` and automatically injects your OAuth token.
Use this only if you trust Maton for the connected beehiiv account, and review Maton's privacy/security terms for sensitive subscriber or publication data.