Kit Email Marketing Operator
Pass
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent Kit email-marketing integration, but it needs Kit account credentials and can send campaigns, so users should review sends and stored training data carefully.
Install only if you are comfortable giving the skill Kit API access. Before approving any send, check the final email, target audience, timing, and links. Avoid putting sensitive customer data or confidential strategy into voice-training samples, and review the bundled scripts if available before storing credentials.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If misused or approved too quickly, the agent could send an email campaign to many subscribers.
The skill can create broadcasts that publish immediately, potentially to the whole subscriber list. The instruction to confirm with the user keeps this purpose-aligned, but the action is high impact.
"Send now:" Don't include `send_at` (immediately publishes) ... "All subscribers:" Don't include `tag_ids` or `segment_ids` ... "Confirm with user before sending."
Review the final email, audience, schedule, and links before approving any send; prefer drafts or test sends when uncertain.
Anyone with access to working credentials could affect the user’s Kit account, including campaign creation or sending.
The skill asks for delegated Kit API credentials that can operate on the user’s Kit account. This is expected for the integration and is documented as locally encrypted.
API Key (v4): kit_abc123... API Secret: Exe_abc123... Credentials are encrypted with AES-256-GCM and stored locally in: `/data/.openclaw/workspace/.kit-credentials`
Use the least-privileged Kit credentials available, store them only through the provided setup flow, and rotate them if the local workspace may be compromised.
Training samples or business context could be reused in future email generation and may expose information if the workspace is shared or compromised.
Past emails and business context are stored persistently in plaintext for future personalization. That is useful for brand voice, but those files may contain private or strategic information.
**Plain text (not sensitive):** - `~/.kit-voice-samples.json` - Your past email examples - `~/.kit-business-context.json` - Business info you provide
Remove customer secrets, private strategy, and personal data from training samples; delete stored context files when no longer needed.
Users have less registry-level information to verify where the skill and scripts came from.
The package includes runnable scripts but has limited provenance and no declared install mechanism. The provided static scan is clean, so this is a reviewability note rather than evidence of malicious behavior.
Source: unknown; Homepage: none ... No install spec — this is an instruction-only skill ... Code file presence: scripts/credentials.js, scripts/kit-api.js
Inspect the bundled scripts before entering credentials, and install only from a source you trust.
A user might paste sensitive past emails believing no email content will be retained.
The documentation says past email examples may be stored, but also says no email content is stored. That inconsistency could lead users to underestimate what local files contain.
`~/.kit-voice-samples.json` - Your past email examples ... "What DOESN'T Get Stored" ... "No email content"
Treat voice samples as retained email content and review or redact them before training.
