Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- tests/run-resend-send-tests.mjs:11
Security audit
Security checks across malware telemetry and agentic risk
This skill is a clearly disclosed Resend email-sending helper that defaults to dry-run and requires explicit send flags, an API key, and a recipient allowlist for real emails.
Install only if you are comfortable giving the runtime a Resend API key. Keep RESEND_ALLOWED_TO narrow, review the exact email content and headers before adding --send, and prefer a least-privilege Resend key for a verified sender/domain.
65/65 vendors flagged this skill as clean.
Detected: suspicious.dangerous_exec, suspicious.env_credential_access, suspicious.exposed_secret_literal