Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Resend Skills
v3.3.1
Use when working with the Resend email API — sending transactional emails (single or batch), receiving inbound emails via webhooks, managing email templates,...
by Christina Martinez (@christina-de-martinez)
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw verdict: Suspicious (medium confidence)
Purpose & Capability
Name, description, and included docs/code consistently implement Resend API functionality (sending, webhooks, templates, logs, etc.). The SKILL.md declares RESEND_API_KEY (required) and RESEND_WEBHOOK_SECRET (optional) which are appropriate for this purpose. However, the registry-level metadata claims no required env vars / no homepage / unknown source while the embedded SKILL.md and file manifest reference an upstream source and require credentials — this mismatch is an incoherence.
Instruction Scope
SKILL.md instructions and examples stay within Resend API scope (send emails, verify webhooks, manage templates, etc.). The instructions reference only RESEND_API_KEY and RESEND_WEBHOOK_SECRET and standard SDK calls; there are no instructions to read unrelated system files or exfiltrate arbitrary data. Examples do print tokens/secrets to console in docs (e.g., showing created API key or signing_secret), which is a potential accidental-leak risk if users copy example code into production without securing logs.
Install Mechanism
There is no install spec even though code examples (and fetch-all-templates.mjs) require the 'resend' npm package (comment: 'Requires: npm install resend'). The skill will likely need the Resend SDK at runtime but does not declare installation steps; absence of an install spec means the agent/platform needs to provide the SDK or the examples will fail. This mismatch is a packaging/operational risk (not inherently malicious) and should be clarified.
Credentials
The SKILL.md rightly requires RESEND_API_KEY (and optionally RESEND_WEBHOOK_SECRET) which are proportional to the stated capabilities. The problem: the registry metadata listed no required env vars/primary credential — a discrepancy that could lead users to install the skill without realizing it needs sensitive credentials. Also some example snippets show printing tokens/signing secrets to stdout; copying those examples verbatim could leak secrets to logs.
Persistence & Privilege
The skill is not marked always:true and does not request system config paths or modify other skills. Autonomous invocation is allowed (platform default) but not combined with other high-risk privileges here.
What to consider before installing
This package appears to be a documentation-heavy Resend integration and legitimately needs your RESEND_API_KEY (and optionally the webhook signing secret). Before installing:
1) verify the skill's source (the registry metadata lists 'unknown' but the SKILL.md references resend.com and a GitHub repo) — prefer skills published by the official vendor;
2) confirm your platform will provide the Node SDK or add an explicit install step (npm install resend) — right now there's no install spec;
3) treat RESEND_API_KEY and RESEND_WEBHOOK_SECRET as sensitive: do not paste them into code that logs them (some examples print created tokens to console);
4) because the skill can be invoked autonomously and will have access to your API key if you provide it, consider granting a scoped sending-only API key (if Resend supports it) rather than a full-access key;
5) ask the publisher to fix the registry metadata to declare required env vars and provide an install spec or host the skill from the official repo.
These fixes would change the assessment to benign if they match the embedded SKILL.md and the publisher identity is verified.
Flagged location: references/fetch-all-templates.mjs:4: Environment variable access combined with network send.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
