EDM Email Manager (via Kanban Plugin)
PassAudited by ClawScan on May 10, 2026.
Overview
The skill is coherent for email campaign management, but users should notice that it relies on a separate plugin/API access, stores contact data locally, and can send real marketing emails after confirmation.
Before using it, review and trust the companion `claw-kanban` plugin, understand how Resend and the dashboard store credentials and analytics, and carefully confirm the email content and recipient list before any campaign is sent.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If approved, the agent may send real emails to the selected audience, affecting recipients and the sender's reputation.
The skill can trigger real outbound email delivery through a plugin. The behavior is central to the email marketing purpose and includes a confirmation step, so this is a disclosed note rather than a concern.
Once confirmed, the agent calls the plugin's underlying `edm_send` tool to dispatch the emails using Resend.
Preview the HTML, verify the recipient list, and confirm only when you are ready to send.
API keys or account access may allow campaign sending or analytics tracking through third-party services.
The workflow expects API-backed access for Resend/dashboard functionality, but the registry metadata lists no primary credential or required environment variables. The access is purpose-aligned, but users should recognize that credentials may be needed by the companion plugin.
it needs the "hands" (API access)... Get your free Dashboard API Key to track open rates at: **https://teammate.work**
Use limited-scope keys where possible, store them only through the companion plugin's documented mechanism, and rotate/revoke them if no longer needed.
The companion plugin may add executable code and tools that can access APIs or send emails.
The skill depends on a separate plugin that is not included in the provided artifacts. The install is user-directed and disclosed, but the plugin's code and exact permissions are outside this review.
Before using this workflow, you **MUST** install the companion plugin in your terminal... `openclaw plugins install claw-kanban`
Review the `claw-kanban` plugin, its source, permissions, and credential handling before installing it.
Brand settings and mailing-list data may remain on disk and be reused in later campaigns.
The skill persists brand details and recipient lists locally for reuse. This is expected for campaign management, but the data may include private business information and personal contact details.
It stores these details locally in a `.claw-kanban/edm/brand.json` configuration file... The agent manages your local mailing list (`audience.json`) to act as a lightweight CRM.
Keep these files in a protected workspace, avoid adding unnecessary personal data, and delete or archive them when no longer needed.
Campaign IDs and engagement analytics may be visible through the dashboard service.
Campaign analytics are intended to be connected to an external web dashboard. This is disclosed and aligned with tracking, but users should understand what campaign metadata is shared.
The agent links the campaign ID to your web-based Claw Kanban dashboard. This allows you to monitor delivery rates, opens, and bounces
Review the dashboard provider's privacy and data-retention terms before using analytics tracking.