Backend Developer

Review

Audited by ClawScan on May 10, 2026.

Overview

Review before installing: the skill matches its email-sending purpose and shows approval before sending, but the actual sending tool and prompt code are imported from missing files, so the high-impact email behavior cannot be verified.

Before installing, ask for the missing send_email.tool and messages files, confirm the exact OpenAI and email credentials/scopes, and test that every email send requires visible approve/edit/reject confirmation.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may prepare and attempt to send emails, but the shown workflow asks for approval, editing, or rejection before delivery.

Why it was flagged

Email sending is a high-impact tool action, but the provided code explicitly requires a human decision before EmailTool is allowed to run.

Skill content
humanInTheLoopMiddleware({ interruptOn: { EmailTool: { allowedDecisions: ["approve", "edit", "reject"] } } })
Recommendation

Confirm in use that every actual send action pauses for approval and that users review recipients, subject, and body before approving.

What this means

The skill may depend on unprovided code to send emails or shape the agent's instructions, so users cannot verify where emails go, what credentials are used, or whether the documented approval behavior is preserved end-to-end.

Why it was flagged

The actual sending tool and prompt-generation code are imported from files that are not present in the supplied manifest, leaving the core high-impact behavior unreviewed.

Skill content
import { EmailTool } from "../tools/send_email.tool";
import { message } from "../../messages";
Recommendation

Require the publisher to include and pin all referenced files, especially the email tool and prompt helpers, before trusting or deploying the skill.

What this means

The skill will likely rely on runtime OpenAI and email-account authority even though the credential contract is not clearly declared in the supplied metadata.

Why it was flagged

The code uses an OpenAI provider client and an email-sending tool, while the registry metadata declares no primary credential or required environment variables.

Skill content
this.model = new ChatOpenAI({ modelName: process.env.OPENAI_MODEL || "gpt-4o-mini" });
...
tools: [EmailTool]
Recommendation

Verify exactly which credentials are required, what account sends the email, and what scopes or permissions are granted before use.

What this means

Email recipient information and message content may be sent to the external AI provider as part of composing the email.

Why it was flagged

Recipient details and draft email content are placed into the agent messages that are processed by the configured OpenAI/LangChain model.

Skill content
content: message.EMAIL_USER_MESSAGE(email, name, subject, body)
Recommendation

Avoid using the skill for highly sensitive email content unless the OpenAI/provider data-handling terms and retention settings are acceptable.