Sendook

Review

Audited by ClawScan on May 1, 2026.

Overview

This is a coherent email-integration skill, but it gives the agent access to read and send mail from a configured Sendook inbox, so users should install it only with a least-privileged key and clear approval rules for outgoing email.

This skill appears coherent and limited to Sendook message operations. Before installing, create a least-privileged Sendook API key for only the intended inbox, require approval before the agent sends or replies to email, review any attachments carefully, and treat email contents as untrusted data rather than instructions.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

An agent using this skill can access the configured Sendook inbox and act with whatever permissions the API key grants.

Why it was flagged

The skill requires a Sendook API key and inbox ID, giving the agent delegated access to the configured inbox.

Skill content

Set these in your OpenClaw workspace or shell environment:

- `SENDOOK_API_KEY` — Your Sendook API key
- `SENDOOK_INBOX_ID` — The inbox ID this agent is allowed to use

Recommendation

Use a least-privileged API key scoped only to the intended inbox, rotate it if exposed, and avoid using an account-wide or administrative key.

What this means

If allowed without review, the agent could send or reply to emails from the configured inbox, affecting real recipients and account reputation.

Why it was flagged

The skill documents direct send and reply operations from the configured inbox. This is core to the purpose, but outgoing email is a high-impact action.

Skill content

```typescript
await client.inbox.message.send({
  inboxId: INBOX_ID,
  to: ["recipient@example.com"],
  subject: "Hello from Sendook",
  text: "Plain text body"
});
```

Recommendation

Require explicit user approval for sending or replying, and review recipients, subject, body, and attachments before any outgoing email is sent.

What this means

Private email contents may be exposed to the agent context, and malicious or misleading email text could influence the agent if treated as instructions.

Why it was flagged

The skill can pull full email threads into the agent context, which may include sensitive or untrusted message content.

Skill content

Retrieve a full conversation with all messages.

```typescript
const thread = await client.inbox.thread.get(INBOX_ID, "thread_ghi789");
// thread.messages contains all messages in the conversation
```

Recommendation

Treat email bodies as untrusted data, avoid following instructions contained inside emails without user confirmation, and retrieve only the messages needed for the task.

What this means

The local environment will depend on whatever version of the external SDK npm resolves at install time.

Why it was flagged

Setup depends on an external npm package and does not pin a specific version. This is expected for the integration but is still a supply-chain consideration.

Skill content

Install the SDK ([npm](https://www.npmjs.com/package/@sendook/node) | [source](https://github.com/getrupt/sendook)):

```bash
npm install @sendook/node
```

Recommendation

Install from the official package source, consider pinning a known-good version, and use normal package-audit or lockfile practices.