Mailgun
ReviewAudited by ClawScan on May 1, 2026.
Overview
The skill appears to be a disclosed Mailgun integration, but it needs Maton/Mailgun account access and can send or modify email resources when approved.
Before installing, make sure you trust Maton to broker Mailgun OAuth access, protect the MATON_API_KEY, and require clear confirmation before the agent sends messages or changes Mailgun account resources.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If approved, the agent could send emails or change Mailgun resources such as domains, routes, templates, lists, suppressions, or webhooks.
The skill exposes write-capable Mailgun operations that can affect external recipients and account configuration, which is expected for the stated purpose but high-impact.
Send transactional emails, manage domains, routes, templates, mailing lists, suppressions, and webhooks.
Approve write operations only after checking the exact domain, recipient list, message content, and intended account change.
Anyone or any agent flow with the Maton API key may be able to make Mailgun requests through the connected account.
The skill requires a sensitive API key and managed OAuth access to operate on a Mailgun account.
All requests require the Maton API key in the Authorization header: Authorization: Bearer $MATON_API_KEY
Store the Maton API key securely, connect only the intended Mailgun account, and revoke or rotate access if no longer needed.
Email content, recipient metadata, and Mailgun account requests may be processed through Maton and the US Mailgun endpoint.
Mailgun API requests, including email-related data, pass through the Maton gateway before reaching Mailgun.
Maton proxies requests to `api.mailgun.net/v3` (US region) and automatically injects your OAuth token.
Use this skill only if you trust Maton as the OAuth/API gateway and are comfortable with the documented US-region routing.