Sendgrid Skills
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: sendgrid-skills
Version: 1.2.2
The OpenClaw skill bundle provides SendGrid integration for sending and receiving emails. It demonstrates strong security awareness, including robust input validation in `scripts/verify-inbound-setup.sh` to prevent shell injection and SSRF, and file path validation in `scripts/send-html-email.sh` to prevent arbitrary file reads. Crucially, the documentation (`sendgrid-inbound/SKILL.md`, `sendgrid-inbound/references/best-practices.md`) explicitly warns about protecting against prompt injection when forwarding inbound email content to AI systems. There is no evidence of intentional malicious behavior, data exfiltration, persistence, or malicious prompt injection attempts within the skill's code or instructions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A broadly scoped or exposed SendGrid key could be used to send unwanted email or affect account reputation and costs.
The skill requires a SendGrid API key and correctly advises limiting its scope; that credential can authorize real account actions.
requirements:
  env:
    - SENDGRID_API_KEY
... Use a SendGrid API key scoped to Mail Send only.
Use a dedicated SendGrid API key scoped only to Mail Send, store it securely, and rotate it if exposed.
Running the send scripts can queue real emails to external recipients.
The helper script performs an external SendGrid Mail Send API call using the user's API key.
curl -s -w "\n%{http_code}" -X POST \
  https://api.sendgrid.com/v3/mail/send \
  -H "Authorization: Bearer $SENDGRID_API_KEY"
Review recipient, sender, subject, and body before execution; use test recipients you control.
Quotes, newlines, or unusual characters in test subject/message values may break or alter the test API request.
The test script interpolates command arguments directly into JSON instead of constructing the payload with jq or an SDK, unlike the HTML send script.
"subject": "$SUBJECT", ... {"type": "text/plain", "value": "$MESSAGE"}
Use simple test values with this script, or prefer the jq-based HTML script/official SDK for arbitrary user-provided content.
An unsecured webhook could receive spoofed or abusive inbound email data, including attachments and HTML content.
Inbound Parse webhooks can deliver full email bodies, headers, and attachments to a user endpoint without built-in signature verification.
SendGrid posts the full parsed email ... There is no official signature verification ... You must secure the endpoint yourself.
Protect inbound endpoints with HTTPS, basic auth or equivalent, IP allowlists where practical, size limits, content validation, HTML sanitization, and attachment scanning.
Copying examples unchanged could send test content to an address the user may not control.
Several examples use a specific real-looking address rather than a neutral placeholder, which users might copy without replacing.
Prefer sending to addresses you control (e.g., `vince@winkintel.com`).
Replace all example addresses with accounts you own before running any send command or code sample.
