v1.0.1

Resend

Benign

ClawScan verdict for this skill. Analyzed Apr 30, 2026, 9:59 PM.

Analysis

This instruction-only Resend integration matches its stated email-management purpose, but it requires a Maton API key and can send or modify email-account resources, so approvals and account selection matter.

Guidance: Use this skill only if you trust Maton to proxy Resend requests and handle managed authentication. Before approving any write action, verify the Resend connection, recipients, message content, domains, contact lists, and whether the action is reversible.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium, Confidence: High, Status: Note
SKILL.md
POST /resend/emails ... **All write operations require explicit user approval.**

The skill exposes Resend write operations such as sending email, while also instructing the agent to get approval before create, update, or delete calls.

User impact: If approved incorrectly, the agent could send emails or change Resend resources in the connected account.
Recommendation: Approve only specific, reviewed actions, including recipients, sender, content, target resource, and intended effect.
Agentic Supply Chain Vulnerabilities
Severity: Low, Confidence: High, Status: Note
SKILL.md
Maton proxies requests to `api.resend.com` and automatically injects your API key.

The skill depends on Maton's proxy service for API access and credential handling; this is disclosed, but it is a trust dependency.

User impact: Your Resend requests and authentication flow rely on the Maton service being trustworthy and available.
Recommendation: Install and use this skill only if you trust the Maton service and registry publisher for your Resend account.
Unexpected Code Execution
Severity: Low, Confidence: High, Status: Note
SKILL.md
python <<'EOF'
import urllib.request, os, json
req = urllib.request.Request('https://api.maton.ai/resend/emails')

The instructions use local Python snippets to make API calls. This is purpose-aligned and no dynamic evaluation or downloaded executable is shown.

User impact: The agent may run local command snippets that read MATON_API_KEY and make network requests to Maton.
Recommendation: Review command snippets before use and avoid running modified snippets that include unfamiliar code or destinations.
Cascading Failures
Severity: Medium, Confidence: High, Status: Note
SKILL.md
Send transactional emails, manage domains, contacts, templates, and broadcasts. ... POST /resend/emails/batch

Batch emails, broadcasts, and account-resource changes can affect many recipients or persistent account settings if an input is wrong.

User impact: A mistaken approval or incorrect recipient list could send unwanted messages or alter email infrastructure at scale.
Recommendation: Use test recipients or small batches first, verify lists and domains carefully, and approve bulk or broadcast actions only after reviewing exact targets.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium, Confidence: High, Status: Note
SKILL.md
All requests require the Maton API key ... Access is scoped to emails, domains, API keys, and audiences within the connected Resend account.

The skill requires a sensitive Maton API key and can act against privileged Resend-account resources, including API keys and audiences.

User impact: Anyone using the configured key through this skill may be able to access or modify sensitive Resend account resources.
Recommendation: Use the least-privileged Maton/Resend connection available, keep MATON_API_KEY private, and confirm the account before approving changes.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Medium, Confidence: High, Status: Note
SKILL.md
https://api.maton.ai/resend/{endpoint} ... If you have multiple Resend connections, specify which one to use with the `Maton-Connection` header

Requests flow through a gateway/proxy, and account identity depends on selecting the correct Maton connection when multiple connections exist.

User impact: Email data, recipient data, and account actions may be routed through the wrong connected Resend account if the connection is not specified correctly.
Recommendation: When more than one Resend connection exists, require the Maton-Connection header and verify the connection ID before any sensitive or write operation.