ClawHub

Neynar Inbox

v1.0.0

Email for AI agents. Create mailboxes, send and receive emails via API. No browser, no OAuth.

0· 832·2 current·2 all-time
by@rishavmukherji
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's stated purpose (email API for agents) matches the runtime instructions (endpoints to create mailboxes, send/receive email). However there is an inconsistency between the declared homepage (https://email.neynar.ai in metadata) and the actual API base URL used in the instructions (https://neynar-inbox-api.rish-68c.workers.dev). The SKILL.md also exposes behavior (create mailbox without auth, returns apiKey) that implies the agent must manage secrets even though the skill metadata lists no primary credential — this mismatch is concerning.
Instruction Scope
Instructions are explicit about API calls and do not instruct reading arbitrary local files or unrelated credentials. They do, however, instruct the agent to store the returned apiKey securely and recommend polling every 30–60 seconds or registering webhooks — both of which imply persistent secret storage and regular network activity outside the agent's immediate interaction. That scope expansion (scheduling/persisting keys) is not declared elsewhere.
Install Mechanism
This is an instruction-only skill with no install spec or code files, which is lower risk. One minor inconsistency: the SKILL.md lists requires.bins: [curl], while the registry metadata provided earlier listed no required binaries. No downloads or extractable installs are present.
!
Credentials
The skill will produce and require an API key for authenticated calls, but requires.env and primary credential fields are empty in the package metadata. The runtime examples show Authorization: Bearer <apiKey>, so the agent or user will need to store that secret somewhere — yet the skill does not declare or request that storage. Absence of declared credential handling is a mismatch and could lead to accidental secret leakage if the agent stores the key insecurely.
Persistence & Privilege
always is false (good). The skill recommends polling every 30–60s or registering webhooks, and the platform allows autonomous invocation by default. That combination gives an agent the ability to send/receive arbitrary emails and perform frequent outbound connections; this is expected for an email integration but increases the blast radius if the agent acts without user oversight. Consider limiting autonomous use or monitoring outbound messages.
What to consider before installing
This skill is an instruction-only integration that calls an external email API. Before installing: (1) confirm you trust the API host — the SKILL.md uses a workers.dev domain while the metadata lists a neynar.ai homepage (this mismatch could be innocent but warrants verification). (2) Decide where the returned apiKey will be stored (agent secret store) and ensure it will be stored securely — the skill metadata does not declare a required credential. (3) Be aware that an autonomous agent using this skill can send and receive real email and could poll frequently; restrict or monitor autonomous behavior and outgoing messages if you are concerned about data exfiltration or spam. (4) Prefer using disposable mailboxes for testing, verify webhook signatures on your endpoints, and review any privacy/terms on the email provider website before granting long-term access.

Like a lobster shell, security has layers — review code before you run it.

agentsvk976p9h7k9gpynh6s4nk8sbrq980x8t5apivk976p9h7k9gpynh6s4nk8sbrq980x8t5emailvk976p9h7k9gpynh6s4nk8sbrq980x8t5latestvk976p9h7k9gpynh6s4nk8sbrq980x8t5

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments