ClawHub

resend-email

Send emails via Resend API from any verified domain. Use when sending emails, notifications, or automated messages. Supports HTML and plain text. Default voi...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 273 · 1 current installs · 1 all-time installs
byVlad Rimsha@vladchatware
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the actual behavior: the send.sh script and the JS transform call the Resend API to send/fetch emails. The skill expects Resend credentials (stored at ~/.config/resend/credentials.json or via RESEND_API_KEY) which is appropriate for this functionality.
Instruction Scope
SKILL.md instructs the agent to read a local credentials file, to call Resend endpoints, and (optionally) to expose a local webhook via Tailscale Funnel and configure a Clawdbot hook. These actions are consistent with the stated purpose but do direct the agent to read a local config path (~/.config/resend/credentials.json) and to open network exposure if you follow the webhook instructions.
Install Mechanism
No install spec (instruction-only with shipped scripts) — nothing is downloaded or extracted. The runtime uses existing tools (bash, curl, python3, node) and therefore has a low install risk.
Credentials
The skill requires a Resend API key and a default from address, which it expects in ~/.config/resend/credentials.json or in RESEND_API_KEY; however the registry metadata lists no required env vars. This is reasonable but a minor mismatch — sensitive credentials are read from a local file or environment, so you should ensure that file/vars are protected. The Clawdbot webhook uses a shared-secret token which must be managed securely.
Persistence & Privilege
The skill does not request permanent/always-on inclusion, does not modify other skills, and does not require elevated platform privileges. Autonomous invocation is allowed by default but that is normal for skills; nothing here amplifies that risk.
Assessment
This skill is internally consistent for sending and receiving email via Resend, but before installing: (1) verify and secure your Resend API key — the scripts read ~/.config/resend/credentials.json (or RESEND_API_KEY) so ensure that file contains only the expected keys and is readable only by you; (2) if you enable the inbound webhook, protect the shared-secret and only expose endpoints via a trusted tunneling service (the README suggests Tailscale Funnel); (3) confirm the default "from" address and verified domains in your Resend account to avoid accidental sending from unauthorized domains; (4) because the skill's source is listed as unknown, review the two included files (send.sh and resend-inbound.js) yourself — they are short and readable and do not contain obfuscated or unexpected network destinations beyond api.resend.com; and (5) consider storing API keys in a secrets manager or environment variable rather than an unencrypted file if you prefer tighter credential controls.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.3
Download zip
latestvk976kqte9tgmbt2738ftvgjt8x8216kd

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Resend Email

Send emails from any Resend-verified domain using the Resend API.

Quick Start

# Send simple email
bash skills/resend-email/scripts/send.sh \
  --to "recipient@example.com" \
  --subject "Subject Line" \
  --body "Email body text"

# With custom from address
bash skills/resend-email/scripts/send.sh \
  --to "recipient@example.com" \
  --from "you@yourdomain.com" \
  --subject "Subject" \
  --body "Body"

Direct API Call

curl -X POST 'https://api.resend.com/emails' \
  -H "Authorization: Bearer $(cat ~/.config/resend/credentials.json | jq -r .api_key)" \
  -H "Content-Type: application/json" \
  -d '{
    "from": "noreply@yourdomain.com",
    "to": ["recipient@example.com"],
    "subject": "Subject",
    "text": "Plain text body"
  }'

Configuration

  • Credentials: ~/.config/resend/credentials.json
  • Domain: any Resend-verified domain (configured in your Resend account)
  • Default from: set in credentials.json (e.g., noreply@yourdomain.com)

Receiving (Webhook + Clawdbot)

Use this when you want Resend inbound emails to trigger Clawdbot automatically.

1) Enable Clawdbot hooks

{
  hooks: {
    enabled: true,
    token: "<shared-secret>",
    path: "/hooks",
    transformsDir: "~/.clawdbot/hooks",
    mappings: [
      {
        id: "resend",
        match: { path: "resend" }, // relative to /hooks (no leading slash)
        action: "agent",
        deliver: true,
        channel: "telegram",
        transform: { module: "resend-inbound.js", export: "transform" }
      }
    ]
  }
}

Important: match.path is relative to /hooks (e.g., /hooks/resendresend).

2) Expose the webhook (Tailscale Funnel)

If your gateway is local-only, expose it via Funnel:

/Applications/Tailscale.app/Contents/MacOS/Tailscale funnel --bg 18789

MagicDNS + HTTPS certs must be enabled in your tailnet for TLS to work.

3) Configure Resend webhook

In Resend → Webhooks:

  • URL: https://<your-tailnet-host>.ts.net/hooks/resend?token=<shared-secret>
  • Event: email.received

Resend cannot set custom headers, so use ?token=.

4) Fetch full email content

Resend webhooks do not include body text. Use the receiving API:

GET https://api.resend.com/emails/receiving/:id

(See resend-inbound.js for an example transform that fetches the body.)

Email Voice: The Bureaucrat

See references/voice-bureaucrat.md for the default email tone.

Key traits:

  • Warm, patient, endlessly polite
  • Passive voice ("it is recommended that…")
  • Official jargon ("compliance framework", "pursuant to section 14(b)")
  • Everything framed as "best practices"
  • Bullet points start with "Please note that…"
  • Ends with "We appreciate your cooperation"

Tone: DMV supervisor who smiles while denying your form × LinkedIn thought-leader who genuinely believes bureaucracy is beautiful.

When drafting emails, apply this voice unless instructed otherwise.

HTML Emails

curl -X POST 'https://api.resend.com/emails' \
  -H "Authorization: Bearer $RESEND_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "from": "noreply@yourdomain.com",
    "to": ["recipient@example.com"],
    "subject": "Subject",
    "html": "<h1>Hello</h1><p>HTML content</p>"
  }'

Notes

  • send.sh preserves line breaks in --body (no literal \n output).
  • Use --html for rich formatting; default is plain text.

Common Patterns

Transactional notification:

# Order confirmation, welcome email, etc.
bash skills/resend-email/scripts/send.sh \
  --to "customer@example.com" \
  --subject "Your Request Has Been Processed" \
  --body "$(cat <<'EOF'
Dear Valued Individual,

Please note that your recent submission has been received and processed in accordance with standard operating procedures.

It should be understood that all requests are handled in the order received, pursuant to our established compliance framework.

We appreciate your cooperation in maintaining an orderly process.

Warm regards,
Clawd
Agent Services Division
EOF
)"

Reply to inquiry: Apply bureaucrat voice. Be helpful while maintaining the veneer of official procedure.

Files

4 total
Select a file
Select a file to preview.

Comments

Loading comments…