Back to skill

Security audit

Resend Email

Security checks across malware telemetry and agentic risk

Overview

This Resend skill is a disclosed email-administration helper that uses ClawLink credentials and requires confirmation for write actions, though users should notice it can manage webhooks and API keys too.

Install only if you intend to let ClawLink operate your Resend account from OpenClaw. Review write previews carefully, especially for sending mail, deleting contacts/domains/templates, changing webhooks, or creating/revoking API keys. Use a Resend account and permissions level appropriate for the tasks you actually want automated.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Low
Confidence
89% confidence
Finding
The skill documentation exposes API key management capabilities that are not disclosed in the manifest description, creating a scope mismatch between what the skill claims to do and what it can actually facilitate. This can mislead users or policy layers into approving a skill for routine email operations while it also enables creation and revocation of sensitive credentials, which could expand downstream access beyond expected boundaries.

Description-Behavior Mismatch

Low
Confidence
83% confidence
Finding
The documentation includes webhook management even though the manifest description only mentions campaigns, contacts, audiences, domains, templates, and transactional sends. Webhooks can exfiltrate event data or redirect operational flows to attacker-controlled endpoints, so omitting them from the declared scope reduces transparency and can cause underestimation of the skill's risk.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The manifest description uses broad invocation language such as managing email workflows and inspecting email activity, which may cause the orchestrator to invoke this skill for many generic email-related requests. Because the skill includes sensitive write actions like sending mail, managing webhooks, and handling API keys, over-broad matching increases the chance of unintended activation in higher-risk contexts.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.