Flashrev Mailer
Advisory
Audited by static analysis on May 11, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If misused, the agent could send unwanted emails or harm sender reputation, but the documented workflow adds approval and throttling controls.
The skill can cause real email to be sent, which is high-impact tool use, but the artifact explicitly requires review and human approval before live sending.
Live sending requires explicit human approval per batch. The agent must run `--dry-run --yes` first, show rendered drafts to the user, and only proceed with `--live --yes` after the user approves drafts, sender pool, schedule, and recipient set.
Only approve live batches after reviewing recipients, sender identity, schedule, and rendered drafts; keep batch limits small until the campaign is verified.
A compromised package, or a look-alike package installed by mistake, could read the FlashRev API key, mailbox credentials, and contact data, or send mail on its own.
The core behavior depends on an external, globally installed npm CLI rather than code included in the skill artifacts; this is central to the purpose, but users should verify package provenance before trusting it with mail credentials.
CLI is installed globally by the user: `npm install -g flashrev-ai-mailer`. Verify with `flashrev-mailer --help`.
Confirm the package name, publisher, version, and source before installation; consider pinning a known-good version and installing in an isolated environment.
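One way to make that pre-install check repeatable, as an added example that is not part of the ClawScan advisory or of the flashrev-ai-mailer project: capture what `npm view flashrev-ai-mailer@<version> --json` prints and compare it against a record pinned at review time (name, version, `dist.integrity`, tarball host, maintainer set) before emitting the pinned install command. The pinned version, integrity hash, maintainer name, and the sample registry record are constructed placeholders, not real attributes of the package.

```python
"""Pre-install identity gate for the globally installed CLI.

Added example; not part of the ClawScan advisory or of the flashrev-ai-mailer
project. Every pinned value below (version, integrity hash, maintainer,
registry host) is a constructed placeholder to be replaced with what you
actually verified at review time.
"""
import json
from typing import Dict, List, Optional
from urllib.parse import urlsplit

# Recorded when the package was last reviewed. Constructed placeholders.
PINNED = {
    "name": "flashrev-ai-mailer",
    "version": "1.4.2",
    "integrity": "sha512-ExampleIntegrityValueNotReal000000000000000000000000000000000000000000000000000==",
    "maintainers": {"flashrev-ops"},
    "registry_host": "registry.npmjs.org",
}

# Constructed stand-in for the output of `npm view flashrev-ai-mailer@1.4.2 --json`.
SAMPLE_VIEW_JSON = json.dumps({
    "name": "flashrev-ai-mailer",
    "version": "1.4.2",
    "dist": {
        "integrity": PINNED["integrity"],
        "tarball": "https://registry.npmjs.org/flashrev-ai-mailer/-/flashrev-ai-mailer-1.4.2.tgz",
    },
    "maintainers": ["flashrev-ops <ops@example.com>"],
})


def record_from_view(text: str) -> Dict:
    """Parse the JSON printed by `npm view ... --json`."""
    return json.loads(text)


def _maintainer_names(raw) -> set:
    """npm prints maintainers either as 'name <email>' strings or as objects; accept both."""
    names = set()
    for m in raw or []:
        if isinstance(m, dict):
            names.add(m.get("name", ""))
        else:
            names.add(str(m).split(" <", 1)[0])
    return names


def check_registry_record(record: Dict, pinned: Dict = PINNED) -> List[str]:
    """Return reasons not to install; an empty list means the record matches the pin."""
    problems = []
    if record.get("name") != pinned["name"]:
        problems.append(f"name mismatch: {record.get('name')!r} (look-alike package?)")
    if record.get("version") != pinned["version"]:
        problems.append(f"version drift: {record.get('version')!r} != pinned {pinned['version']!r}")
    dist = record.get("dist", {})
    if dist.get("integrity") != pinned["integrity"]:
        problems.append("integrity hash differs from the reviewed tarball")
    tarball_host = urlsplit(dist.get("tarball", "")).hostname
    if tarball_host != pinned["registry_host"]:
        problems.append(f"tarball served from unexpected host {tarball_host!r}")
    names = _maintainer_names(record.get("maintainers"))
    if not names or not names <= pinned["maintainers"]:
        problems.append(f"maintainer set changed: {sorted(names)}")
    if record.get("deprecated"):
        problems.append(f"package is deprecated: {record['deprecated']}")
    return problems


def install_command(pinned: Dict = PINNED, sandbox_dir: Optional[str] = None) -> str:
    """Pinned install; with sandbox_dir, install under a local prefix instead of globally."""
    spec = f"{pinned['name']}@{pinned['version']}"
    if sandbox_dir:
        return f"npm install --prefix {sandbox_dir} {spec}"
    return f"npm install -g {spec}"


if __name__ == "__main__":
    issues = check_registry_record(record_from_view(SAMPLE_VIEW_JSON))
    if issues:
        print("REFUSING to install:", *issues, sep="\n  ")
    else:
        print("record matches pin; run:", install_command())
```

The integrity comparison matters more for a global install than for a project dependency: there is no lockfile for `npm install -g`, so nothing else checks that the tarball fetched today is the one that was reviewed. When installing under `--prefix`, the binary lands in `<sandbox_dir>/node_modules/.bin/flashrev-mailer`; `flashrev-mailer --help` only proves that some binary answers to that name, not which one.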
Exposure of the API key could allow someone to retrieve sending credentials or perform campaign-related actions through FlashRev.
The FlashRev API key has access to mailbox metadata, validation services, and SMTP credential retrieval, so it is more sensitive than a narrow read-only token.
One key authorizes mailbox listing, recipient verification, and SMTP credential retrieval.
Use a dedicated least-privilege key if available, keep it in the environment only, avoid committing config files, and rotate the key if it may have been exposed.
Contact email addresses and validation activity may be visible to the configured FlashRev API endpoint and potentially in URL/query logging.
Recipient email addresses are sent to the FlashRev provider for verification, and the base URL can be configured. This is disclosed and purpose-aligned, but it is an external data flow.
Default base URL: `https://open-ai-api.flashlabs.ai` ... the email address is passed as a query parameter.
Use only approved contact lists, verify the configured base URL before running validation, and do not run campaigns from untrusted workspaces with unknown `.flashrev/config.json` settings.
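A preflight that checks the configured base URL before validation runs, together with a redaction helper for the logs that would otherwise retain the query-string address, as an added example that is not part of the advisory or of the CLI. It assumes the base URL is stored in `.flashrev/config.json` under a key named `baseUrl` (the advisory says only that the base URL is configurable) and that the verification request carries the address in a query parameter named `email` (the advisory says it is a query parameter but not its name); the config snippets, request path and log line are constructed.

```python
"""Workspace preflight for the configured FlashRev endpoint, plus log redaction.

Added example; not from the advisory or the flashrev-ai-mailer CLI. The config
key "baseUrl", the query parameter name "email", the request path and the
sample log line are assumptions/constructed data.
"""
import json
import re
from typing import List
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

DEFAULT_BASE_URL = "https://open-ai-api.flashlabs.ai"   # default named in the advisory
ALLOWED_HOSTS = {"open-ai-api.flashlabs.ai"}           # assumed allowlist
SENSITIVE_PARAMS = {"email"}                           # assumed parameter name

# Constructed sample config files.
GOOD_CONFIG = '{"baseUrl": "https://open-ai-api.flashlabs.ai"}'
BAD_CONFIG = '{"baseUrl": "http://svc:token@verify.example.net/api"}'
# Constructed proxy/access log line showing how the address ends up in the URL.
SAMPLE_LOG_LINE = ("2026-05-11T10:02:14Z GET https://open-ai-api.flashlabs.ai/v1/verify"
                   "?email=alice%40example.com&mode=fast 200")


def check_base_url(config_text: str) -> List[str]:
    """Return problems with the configured base URL; an empty list means it is safe to run."""
    cfg = json.loads(config_text)
    base = cfg.get("baseUrl", DEFAULT_BASE_URL)
    parts = urlsplit(base)
    problems = []
    if parts.scheme != "https":
        problems.append(f"scheme {parts.scheme!r}: verification traffic would not be TLS-protected")
    if parts.username or parts.password:
        problems.append("credentials embedded in base URL")
    if parts.hostname not in ALLOWED_HOSTS:
        problems.append(f"host {parts.hostname!r} not in allowlist; contacts would be sent elsewhere")
    if parts.query or parts.fragment:
        problems.append("base URL carries a query string or fragment")
    return problems


def redact_query(url: str) -> str:
    """Replace sensitive query values so the URL can be kept in logs or shared."""
    parts = urlsplit(url)
    pairs = [(k, "REDACTED" if k.lower() in SENSITIVE_PARAMS else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


_URL_RE = re.compile(r"https?://[^\s\"']+")


def redact_log_line(line: str) -> str:
    """Redact every URL that appears in a log line."""
    return _URL_RE.sub(lambda m: redact_query(m.group(0)), line)


if __name__ == "__main__":
    for label, cfg in (("good", GOOD_CONFIG), ("bad", BAD_CONFIG)):
        print(label, check_base_url(cfg) or "ok")
    print(redact_log_line(SAMPLE_LOG_LINE))
```

Run the check from the workspace directory before the validation step; an untrusted workspace can change the endpoint silently, and a non-allowlisted host means the whole recipient list is handed to whoever runs it. The redaction helper is for the proxy, gateway or SIEM side, where request URLs are normally retained verbatim.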
Local workspace files may reveal campaign contacts, send history, and mailbox usage even if API keys and SMTP passwords are not logged.
The skill's associated CLI keeps persistent local campaign logs containing recipient and delivery metadata. This is expected for campaign traceability but should be treated as sensitive operational data.
`events.jsonl` records event `type`, `contactId`, recipient email, `mailboxId`, and `messageId`
Store campaigns in a protected workspace, avoid committing logs or queues to source control, and delete or archive campaign artifacts according to retention requirements.
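A small audit of `events.jsonl` before it is archived, as an added example that is not part of the advisory or of the CLI: it counts events per mailbox and type (batch size, bounce rate), flags any address that was sent to but is not on the approved contact list, and replaces addresses with a keyed hash so the archived log stays joinable without exposing contacts. The advisory names the recorded fields (`type`, `contactId`, recipient email, `mailboxId`, `messageId`); the JSON key for the recipient (`email`), the event type names and the sample log are assumptions.

```python
"""Audit, check and redact a campaign events.jsonl before archiving it.

Added example; not from the advisory or the flashrev-ai-mailer CLI. The key
name "email", the event types "sent"/"bounced", and the sample log below are
constructed assumptions.
"""
import hashlib
import hmac
import json
from collections import Counter, defaultdict
from typing import Dict, Iterable, List, Set, Tuple

# Constructed sample events.jsonl, including one corrupted line.
SAMPLE_EVENTS = """\
{"type":"sent","contactId":"c-001","email":"alice@example.com","mailboxId":"mb-1","messageId":"m-1"}
{"type":"sent","contactId":"c-002","email":"bob@example.com","mailboxId":"mb-1","messageId":"m-2"}
{"type":"bounced","contactId":"c-002","email":"bob@example.com","mailboxId":"mb-1","messageId":"m-2"}
{"type":"sent","contactId":"c-003","email":"carol@example.org","mailboxId":"mb-2","messageId":"m-3"}
corrupted line that is not JSON
"""


def parse_events(text: str) -> Tuple[List[Dict], int]:
    """Parse JSONL; return (events, number of malformed lines skipped)."""
    events, bad = [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            bad += 1
    return events, bad


def summarize(events: Iterable[Dict]) -> Dict[str, Dict[str, int]]:
    """Per-mailbox event counts by type, for checking batch size and bounce rate."""
    per_mailbox: Dict[str, Counter] = defaultdict(Counter)
    for ev in events:
        per_mailbox[ev.get("mailboxId", "?")][ev.get("type", "?")] += 1
    return {mb: dict(c) for mb, c in per_mailbox.items()}


def unexpected_recipients(events: Iterable[Dict], approved: Set[str]) -> Set[str]:
    """Addresses that received a send but are not on the approved contact list."""
    sent = {ev["email"].lower() for ev in events if ev.get("type") == "sent" and "email" in ev}
    return sent - {a.lower() for a in approved}


def redact_events(events: Iterable[Dict], key: bytes) -> List[Dict]:
    """Replace each address with a keyed hash; the domain is kept for deliverability review."""
    out = []
    for ev in events:
        ev = dict(ev)
        if "email" in ev:
            domain = ev["email"].rpartition("@")[2]
            tag = hmac.new(key, ev["email"].lower().encode(), hashlib.sha256).hexdigest()[:16]
            ev["email"] = f"{tag}@{domain}"
        out.append(ev)
    return out


if __name__ == "__main__":
    events, bad = parse_events(SAMPLE_EVENTS)
    print("malformed lines:", bad)
    print("per mailbox:", summarize(events))
    print("off-list sends:", unexpected_recipients(events, {"alice@example.com", "bob@example.com"}))
    for ev in redact_events(events, b"constructed-archive-key"):
        print(ev)
```

A keyed hash rather than a plain SHA-256 is deliberate: email addresses are low-entropy, so an unkeyed digest can be reversed from any contact list by brute force. Keep the key with the same protection as the API key, and drop it when the archived log no longer needs to be joined back to contacts.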
