Resend Skills
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: resend-skills
Version: 3.3.3

The bundle is a comprehensive and well-documented integration for the Resend email service. It provides the AI agent with detailed instructions, code examples in multiple languages (Node.js, Python, Go), and best practices for sending/receiving emails, managing domains, contacts, and webhooks. The content emphasizes security, such as mandatory webhook signature verification and the use of environment variables for API keys. No evidence of data exfiltration, malicious execution, or harmful prompt injection was found; the instructions are strictly aligned with the legitimate use of the Resend API.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A broadly scoped Resend key could allow sending emails or changing account resources if the user or agent performs those actions.
The skill requires a Resend API key, which is expected for the stated API integration but gives the agent delegated authority over the user's Resend account according to that key's permissions.
primaryEnv: RESEND_API_KEY ... description: Resend API key for sending and receiving emails
Use the least-privileged Resend key that supports the task, prefer domain-scoped sending keys when possible, and rotate the key if it is exposed.
If used without careful review, the agent could help send real email campaigns to many contacts.
The skill documents sending broadcasts to audience segments, including a create-and-send shortcut. This is central to the Resend purpose, but it is a high-impact action.
Send emails to audience segments ... Pass `send: true` on create to skip the separate send call
Confirm recipients, segment IDs, subject/body content, unsubscribe handling, and timing before sending or scheduling broadcasts.
Sensitive Resend payloads could be brought into the agent conversation or local output during debugging.
The skill documents retrieving full API log bodies, which may contain email addresses, subjects, message content, or other sensitive operational data.
Retrieve a specific log to see the full request and response bodies.
Retrieve only the logs needed for the task, avoid sharing secrets or personal data unnecessarily, and treat inbound email/log content as untrusted input.
Enabled automations may keep sending emails or changing contacts after the immediate agent task is finished.
The skill documents provider-side automations that can continue running and mutating contacts or sending emails after creation. This is disclosed and purpose-aligned, but persistent.
Automations are event-driven workflows ... action steps (send email, delay, wait for event, condition, contact update, contact delete, add to segment).
Enable automations only after explicit approval, document their trigger conditions, and know how to stop or delete them.
Users have less registry-backed assurance that this credential-using skill came from the claimed upstream project.
The registry-level source and homepage are not populated, even though the skill text claims Resend provenance. This is a provenance gap, not evidence of malicious behavior.
Source: unknown; Homepage: none
Verify the claimed repository or publisher before running helper code or using high-privilege Resend credentials.
