Brevo Automation
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: brevo-automation Version: 0.1.0 The skill bundle is designed to automate Brevo (Sendinblue) tasks via the Rube MCP. The `SKILL.md` file provides clear, domain-specific instructions for the AI agent to interact with Brevo tools (e.g., `BREVO_LIST_EMAIL_CAMPAIGNS`, `BREVO_CREATE_OR_UPDATE_EMAIL_TEMPLATE`). There is no evidence of intentional harmful behavior such as data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempting to subvert the agent's purpose or access unrelated sensitive data. All instructions, including the use of `RUBE_MANAGE_CONNECTIONS`, are directly aligned with the stated goal of managing Brevo resources.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If approved, the agent could change campaign content/settings or delete inactive templates in the connected Brevo account.
The skill documents tools that can mutate Brevo marketing assets, including campaign updates and template deletion. This is aligned with the stated purpose, but these actions can affect business communications.
`BREVO_UPDATE_EMAIL_CAMPAIGN` - Update campaign content or settings [Optional] ... `BREVO_DELETE_EMAIL_TEMPLATE` - Delete an inactive template [Optional]
Before running update, delete, sender, recipient, or scheduling actions, verify the exact campaign/template IDs, content, recipient lists, and timing.
The agent's Brevo actions may be performed as the authenticated Brevo user or workspace.
The skill requires delegated access to a Brevo account through Rube MCP. This is expected for the integration, but actions will run with the permissions of the connected Brevo identity.
Active Brevo connection via `RUBE_MANAGE_CONNECTIONS` with toolkit `brevo` ... follow the returned auth link to complete Brevo authentication
Use an appropriate Brevo account with only the needed permissions where possible, and disconnect the Rube/Brevo connection when no longer needed.
Marketing data handled by the agent may be shared with Rube/Composio and Brevo during tool execution.
The skill relies on an external MCP provider to broker Brevo tool calls. Campaign content, template content, sender details, and campaign metadata may pass through that provider as part of normal operation.
Automate Brevo ... through Composio's Brevo toolkit via Rube MCP ... Add `https://rube.app/mcp` as an MCP server
Confirm that Rube/Composio is an approved provider for your workspace before using it with sensitive campaign content or customer-list metadata.