Neynar Inbox
Pass. Audited by ClawScan on May 10, 2026.
Overview
This is a coherent instruction-only email API skill, but it can create a mailbox, use a mailbox API key, send or delete emails, register webhooks, and set up polling, so users should keep those actions under clear control.
Use this skill only if you trust the Neynar Inbox API endpoint. Store the generated API key securely, require confirmation before sending or deleting emails, register webhooks only to trusted servers, and set any polling schedule with a clear stop condition.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could send emails or delete mailbox data if directed or allowed to use the documented API calls.
The skill documents raw API calls for externally visible and mutating email actions. This is expected for an email API skill, but those actions can affect real recipients and mailbox contents.
curl -X POST https://neynar-inbox-api.rish-68c.workers.dev/v1/emails ... "to": ["recipient@example.com"] ...
| DELETE | /v1/emails/:id | Delete email |
Require user confirmation before sending, deleting, rotating keys, or registering webhooks, and limit actions to the intended mailbox and task.
Anyone with the API key may be able to send, read, search, delete, or manage emails for that mailbox.
The mailbox API key is the credential used to access the mailbox. This is disclosed and purpose-aligned, but possession of the key grants access to mailbox operations.
"apiKey": "fi_abc123...", "warning": "Store the apiKey securely - it cannot be retrieved again."
Store the API key only in an approved secret store, avoid exposing it in logs or chat, and rotate or delete it if it may have been shared.
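One way to keep the mailbox key out of logs and chat transcripts, added here as an illustration and not code from the skill or the Neynar Inbox project: load the key only from the environment (populated by your secret store) and attach a logging filter that masks anything shaped like a key before it is written. The `fi_` prefix is taken from the page's excerpt; the minimum length, the environment variable name and the sample log lines are assumptions.

```python
import logging
import os
import re

# Key shape assumed from the page's excerpt ("fi_abc123..."). Adjust the
# pattern if the real prefix or length differs.
API_KEY_RE = re.compile(r"\bfi_[A-Za-z0-9]{6,}\b")


def redact(text: str) -> str:
    """Mask anything that looks like a mailbox API key, keeping only a short prefix."""
    return API_KEY_RE.sub(lambda m: m.group(0)[:5] + "...[redacted]", text)


class RedactingFilter(logging.Filter):
    """Rewrite both the message and its %-args so the key never reaches a handler."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact(str(record.msg))
        if record.args:
            record.args = tuple(
                redact(a) if isinstance(a, str) else a for a in record.args
            )
        return True


class _Capture(logging.Handler):
    """Collects formatted records so the demo can return what would have been written."""

    def __init__(self):
        super().__init__()
        self.lines = []

    def emit(self, record):
        self.lines.append(self.format(record))


def load_api_key(env_var: str = "NEYNAR_INBOX_API_KEY") -> str:
    """Read the key from the environment (assumed variable name); never from chat text."""
    key = os.environ.get(env_var)
    if not key:
        raise RuntimeError(f"{env_var} is not set; load it from your secret store")
    return key


def demo_logging() -> list:
    """Log two constructed lines, one carrying a fake key, and return what was captured."""
    logger = logging.getLogger("neynar-inbox-demo")
    logger.handlers.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)
    capture = _Capture()
    capture.setFormatter(logging.Formatter("%(message)s"))
    logger.addHandler(capture)
    logger.addFilter(RedactingFilter())
    fake_key = "fi_abc123XYZ9"  # constructed, not a real credential
    logger.info("created mailbox, apiKey=%s", fake_key)
    logger.info("polling mailbox for replies")
    return capture.lines


if __name__ == "__main__":
    for line in demo_logging():
        print(line)
```

The filter is attached to the logger, so it also covers third-party handlers added later; the regex is deliberately narrow to the documented prefix so it does not mangle unrelated identifiers.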
Email notifications could be sent to a configured server, so a wrong or untrusted webhook URL could expose mailbox activity.
The skill supports forwarding email event notifications to a webhook URL. This is disclosed and includes signature-verification guidance, but it creates an additional data-flow boundary.
Register a webhook for real-time email notifications: ... -d '{"url": "https://your-server.com/webhook", "events": ["email.received"]}' ... Verify signatures via `X-Webhook-Signature` header
Use only trusted webhook endpoints, verify signatures, and avoid registering webhooks unless the user explicitly wants real-time notifications.
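A receiver-side check for the signature guidance above, added as an example and not code from the skill or the Neynar Inbox API. The page only names the `X-Webhook-Signature` header; the scheme used here (HMAC-SHA256 over the raw request body, hex-encoded) is an assumption, as are the secret, the event `id` field used for replay rejection and the sample delivery.

```python
import hashlib
import hmac
import json

# Assumed scheme (not documented on this page): HMAC-SHA256 over the raw body,
# hex digest, carried in X-Webhook-Signature. Swap in the documented scheme.
WEBHOOK_SECRET = b"constructed-example-secret"  # placeholder, not a real secret


def sign(body: bytes, secret: bytes = WEBHOOK_SECRET) -> str:
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_webhook(body: bytes, headers: dict, secret: bytes = WEBHOOK_SECRET) -> bool:
    """True only if X-Webhook-Signature matches the raw body; missing header fails closed."""
    provided = headers.get("X-Webhook-Signature")
    if not provided:
        return False
    # Constant-time compare so timing does not reveal how many bytes matched.
    return hmac.compare_digest(sign(body, secret), provided.strip().lower())


def handle_webhook(body: bytes, headers: dict, seen_ids: set,
                   secret: bytes = WEBHOOK_SECRET) -> tuple:
    """Verify, parse, and drop replays by event id. Returns (accepted, reason_or_type)."""
    if not verify_webhook(body, headers, secret):
        return False, "bad signature"
    try:
        event = json.loads(body)
    except ValueError:
        return False, "malformed json"
    event_id = event.get("id")  # assumed field; the page does not show the payload
    if not event_id:
        return False, "missing id"
    if event_id in seen_ids:
        return False, "replay"
    seen_ids.add(event_id)
    return True, event.get("type", "unknown")


# Constructed sample delivery, not captured from the real API.
SAMPLE_BODY = json.dumps({
    "id": "evt_001",
    "type": "email.received",
    "email": {"from": "sender@example.com", "subject": "Re: hello"},
}).encode()
SAMPLE_HEADERS = {"X-Webhook-Signature": sign(SAMPLE_BODY)}


def demo() -> tuple:
    """Valid delivery, then the same one replayed, then a body edited in transit."""
    seen = set()
    first = handle_webhook(SAMPLE_BODY, SAMPLE_HEADERS, seen)
    replay = handle_webhook(SAMPLE_BODY, SAMPLE_HEADERS, seen)
    tampered = handle_webhook(SAMPLE_BODY.replace(b"hello", b"hack"), SAMPLE_HEADERS, set())
    return first, replay, tampered


if __name__ == "__main__":
    print(demo())
```

Verify over the exact bytes received, before any JSON parsing or re-serialisation, and treat the header lookup as case-insensitive if your framework does not already normalise it. Replay rejection needs the seen-id set to persist across worker restarts in production.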
A scheduled agent could keep checking the mailbox and processing new email after the original task is done.
The skill recommends scheduled polling. This is coherent for receiving email replies, but it could continue beyond the immediate task if not bounded.
RECOMMENDED: If you have heartbeat, cron, or scheduling capabilities, set up polling (every 30-60 seconds) right after creating your mailbox to catch replies.
Make polling opt-in, set a clear interval and end time, and provide an easy way to stop the schedule.
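A bounded polling loop of the kind the recommendation calls for, added as an example rather than code from the skill: it stops on the first reply, on a wall-clock deadline, on a poll cap, or on an external cancel flag, whichever comes first, so it can never outlive the task. The 30 s interval follows the skill's guidance; the 15-minute deadline, the poll cap, and the injected `fetch_new_emails` stand-in for the mailbox API call are assumptions.

```python
import time
from dataclasses import dataclass, field


@dataclass
class PollPolicy:
    interval_s: float = 30.0        # the skill suggests 30-60 s between checks
    max_duration_s: float = 900.0   # assumed hard stop: 15 minutes after start
    max_polls: int = 20             # assumed cap on API calls for one task


@dataclass
class PollResult:
    stop_reason: str
    polls: int
    replies: list = field(default_factory=list)


def poll_for_replies(fetch_new_emails, policy: PollPolicy, *,
                     should_stop=lambda: False,
                     sleep=time.sleep, clock=time.monotonic) -> PollResult:
    """Poll until a reply arrives or a bound is hit.

    fetch_new_emails() is injected: in real use it would call the mailbox
    API with the stored key and return the list of new messages. sleep and
    clock are injectable so the loop can be tested without waiting.
    """
    deadline = clock() + policy.max_duration_s
    polls = 0
    while True:
        if should_stop():                    # user or supervisor asked to stop
            return PollResult("cancelled", polls)
        if polls >= policy.max_polls:
            return PollResult("max_polls", polls)
        if clock() >= deadline:
            return PollResult("deadline", polls)
        polls += 1
        new = fetch_new_emails()
        if new:
            return PollResult("reply_received", polls, list(new))
        sleep(policy.interval_s)


# Constructed scenarios (no network); sleep is a no-op or drives a fake clock.
def demo_reply_on_third_poll() -> PollResult:
    responses = iter([[], [], [{"from": "recipient@example.com", "subject": "Re: hello"}]])
    return poll_for_replies(lambda: next(responses, []), PollPolicy(), sleep=lambda s: None)


def demo_no_reply_hits_cap() -> PollResult:
    return poll_for_replies(lambda: [], PollPolicy(max_polls=5), sleep=lambda s: None)


def demo_deadline() -> PollResult:
    now = [0.0]

    def fake_clock():
        return now[0]

    def fake_sleep(s):
        now[0] += s  # each 30 s sleep advances the fake clock

    return poll_for_replies(lambda: [], PollPolicy(max_duration_s=100.0, max_polls=100),
                            sleep=fake_sleep, clock=fake_clock)


def demo_cancelled() -> PollResult:
    return poll_for_replies(lambda: [], PollPolicy(), should_stop=lambda: True)


if __name__ == "__main__":
    for d in (demo_reply_on_third_poll, demo_no_reply_hits_cap, demo_deadline, demo_cancelled):
        print(d.__name__, d())
```

If the scheduler is a cron or heartbeat rather than an in-process loop, carry the same three bounds (deadline, poll count, cancel flag) in the job's stored state and check them at the top of every run, otherwise the job reads the mailbox indefinitely.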
