resend
Facilitates email operations with the Resend platform, enabling sending, receiving, and managing email workflows for developers.
Install this skill
Security score
The resend skill was audited on May 24, 2026 and we found 13 security issues across 2 threat categories, including 1 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
Webhook reference - potential data exfiltration
| 14 | - name: RESEND_WEBHOOK_SECRET |
Webhook reference - potential data exfiltration
| 15 | description: Webhook signing secret for verifying event payloads. Found in the Resend dashboard under Webhooks after creating an endpoint. |
Webhook reference - potential data exfiltration
| 30 | | **Receiving emails** | `resend-inbound` | Processing inbound emails, webhooks for received mail, attachments | |
Webhook reference - potential data exfiltration
| 38 | - Delivery webhooks (bounced, delivered, opened) |
Webhook reference - potential data exfiltration
| 42 | - Processing `email.received` webhooks |
Webhook reference - potential data exfiltration
| 48 | - Webhook setup with ngrok/tunneling for local development |
Ngrok tunnel reference
| 48 | - Webhook setup with ngrok/tunneling for local development |
External URL reference
| 8 | homepage: https://resend.com |
External URL reference
| 12 | description: Resend API key for sending and receiving emails. Get yours at https://resend.com/api-keys |
External URL reference
| 60 | **Marketing emails or newsletters?** Use [Resend Broadcasts](https://resend.com/broadcasts) |
External URL reference
| 78 | - [Resend Documentation](https://resend.com/docs) |
External URL reference
| 79 | - [API Reference](https://resend.com/docs/api-reference) |
External URL reference
| 80 | - [Dashboard](https://resend.com/emails) |