Back to skill
Skillv1.0.3
VirusTotal security
Resend · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:46 AM
- Hash
- 9ed8c7a1b19e3e0a6d159ce6950c47abe47500dc434dbd2b080a6ff00baa1bb4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: resend-integration Version: 1.0.3 The skill requires the installation of a global npm package (@membranehq/cli) and directs the agent to route all Resend API traffic through a third-party platform (getmembrane.com). While these actions are aligned with the stated purpose of the integration, the requirement for global shell execution and the use of an intermediary service for sensitive email operations and credential management represent significant supply chain and data privacy risks. The SKILL.md file also contains instructions steering the agent to prioritize the third-party service over direct API interactions.
- External report
- View on VirusTotal