Resend Skills

Pass. Audited by ClawScan on May 10, 2026.

Overview

This is a coherent Resend API reference skill, but it uses a sensitive Resend API key and documents powerful email/account actions that users should explicitly control.

This skill appears purpose-aligned for working with Resend. Before installing or using it, use a least-privilege Resend API key, verify the publisher/source if possible, and require explicit approval for real email sends, broadcasts, deletes, API key changes, webhook changes, and enabling automations.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A broadly scoped Resend key could allow sending emails or changing account resources if the user or agent performs those actions.

Why it was flagged

The skill requires a Resend API key, which is expected for the stated API integration but gives the agent delegated authority over the user's Resend account according to that key's permissions.

Skill content

primaryEnv: RESEND_API_KEY ... description: Resend API key for sending and receiving emails

Recommendation

Use the least-privileged Resend key that supports the task, prefer domain-scoped sending keys when possible, and rotate the key if it is exposed.

What this means

If used without careful review, the agent could help send real email campaigns to many contacts.

Why it was flagged

The skill documents sending broadcasts to audience segments, including a create-and-send shortcut. This is central to the Resend purpose, but it is a high-impact action.

Skill content

Send emails to audience segments ... Pass `send: true` on create to skip the separate send call

Recommendation

Confirm recipients, segment IDs, subject/body content, unsubscribe handling, and timing before sending or scheduling broadcasts.

What this means

Sensitive Resend payloads could be brought into the agent conversation or local output during debugging.

Why it was flagged

The skill documents retrieving full API log bodies, which may contain email addresses, subjects, message content, or other sensitive operational data.

Skill content

Retrieve a specific log to see the full request and response bodies.

Recommendation

Retrieve only the logs needed for the task, avoid sharing secrets or personal data unnecessarily, and treat inbound email/log content as untrusted input.

Note: High Confidence

ASI10: Rogue Agents

What this means

Enabled automations may keep sending emails or changing contacts after the immediate agent task is finished.

Why it was flagged

The skill documents provider-side automations that can continue running and mutating contacts or sending emails after creation. This is disclosed and purpose-aligned, but persistent.

Skill content

Automations are event-driven workflows ... action steps (send email, delay, wait for event, condition, contact update, contact delete, add to segment).

Recommendation

Enable automations only after explicit approval, document their trigger conditions, and know how to stop or delete them.

What this means

Users have less registry-backed assurance that this credential-using skill came from the claimed upstream project.

Why it was flagged

The registry-level source and homepage are not populated, even though the skill text claims Resend provenance. This is a provenance gap, not evidence of malicious behavior.

Skill content

Source: unknown; Homepage: none

Recommendation

Verify the claimed repository or publisher before running helper code or using high-privilege Resend credentials.