agent-email-inbox

The agent-email-inbox skill provides a framework for building secure, webhook-based email processing systems for AI agents. It includes patterns for sender allowlisting, webhook signature verification, and content filtering to prevent unauthorized access to agent workflows.

3.4K

Installs

Use cases

5/10

Quality

Is agent-email-inbox safe to install?

Review the source first

Review the source first: our audit of agent-email-inbox's source files found 2 shell commands, 2 external URLs, file reads and writes (high risk). Every command and URL listed appears verbatim in the skill's source. The skill facilitates network requests via the Resend API and requires the execution of shell commands for environment setup. It handles untrusted inbound email, which poses a security risk if not configured with the provided validation patterns.

How we audit skills: our security review methodology.

Who is this skill for?

Developers building AI agents or automated systems that process inbound email content.

What can you do with it?

Automated support ticket handlers
Email-to-task pipelines
AI agent inboxes
Workflow processing for untrusted inbound email

How good is this skill?

Quality score: 5/10. The documentation is comprehensive, providing clear architectural guidance, security best practices, and code examples for multiple programming languages.

What does the skill file contain?

SKILL.md

# AI Agent Email Inbox

## Overview

This skill covers setting up a secure email inbox that allows your application or AI agent to receive and respond to emails, with content safety measures in place.

**Core principle:** An AI agent's inbox receives untrusted input. Security configuration is important to handle this safely.

### Why Webhook-Based Receiving?

Resend uses webhooks for inbound email, meaning your agent is notified **instantly** when an email arrives. This is valuable for agents because:

- **Real-time responsiveness** — React to emails within seconds, not minutes
- **No polling ...

Frequently asked questions

Why use webhooks instead of polling?

Webhooks provide real-time notifications, eliminate polling overhead, and reduce API costs by triggering the agent only when an email arrives.

How do I secure my agent against malicious emails?

Implement the provided security levels, specifically strict sender allowlisting, and always verify webhook signatures using the Resend SDK.

What is the purpose of the RESEND_WEBHOOK_SECRET?

It verifies that incoming webhook events originate from Resend, preventing spoofed requests.

Data sourced from resend/resend-skills on GitHub. Install counts from skills.sh. The summary and security audit are derived from the skill's source files: every command and URL listed appears verbatim in the source.

Install

Works with Claude Code, Cursor, Codex CLI, and 50+ agents.

Manual install paths per agent

Claude Code: .claude/skills/ or ~/.claude/skills/

Codex CLI: .codex/skills/ or ~/.codex/skills/

GitHub Copilot: .github/skills/ or ~/.copilot/skills/

Amp: .agents/skills/ or ~/.config/agents/skills/

Copy the skill folder (with SKILL.md) into the project or global directory.

Security audit

high risk

Commands

URLs

Yes

File I/O

The skill facilitates network requests via the Resend API and requires the execution of shell commands for environment setup. It handles untrusted inbound email, which poses a security risk if not configured with the provided validation patterns.

View commands and endpoints

$ npm install resend

$ echo "RESEND_API_KEY=re_xxx" >> .env

https://resend.com/api-keys

https://dns.email

Sourceresend/resend-skills

Installs3.4K

Quality5/10

email webhooks security automation resend

Related skills

lark-workflow-meeting-summary

219.7K

Users who need to summarize meeting minutes, generate weekly reports, or review meeting history within the Lark ecosystem

The lark-workflow-meeting-summary skill provides a structured workflow for agents to aggregate meeting minutes from Lark VC, generate summaries, and create or update reports in Lark Docs.

highlarkmeeting-summarylarksuite

programmatic-seo

83.5K

Content strategists, SEO specialists, and marketers building large-scale, data-driven website content

The programmatic-seo skill provides a framework for generating SEO-optimized pages at scale using templates and data. It guides users through keyword research, data sourcing, template design, internal linking, and indexation strategies while emphasizing content uniqueness to avoid search engine penalties.

lowseomarketingcoreyhaines31

ad-creative

64.0K

Performance marketers, growth teams, and advertisers who need to produce ad copy at scale or optimize existing ad creative

The ad-creative skill generates, iterates, and scales ad copy for paid advertising platforms including Google, Meta, LinkedIn, TikTok, and Twitter. It provides frameworks for creating ad headlines, descriptions, and primary text based on product context and performance data.

highmarketingadvertisingcoreyhaines31

cold-email

63.5K

Sales development representatives, founders, and professionals conducting B2B cold outreach

The cold-email skill generates B2B cold outreach emails and follow-up sequences. It prioritizes human-sounding, concise copy that focuses on the recipient's perspective rather than vendor-style pitches. The skill incorporates product marketing context from local files to tailor messaging and utilizes specific frameworks for subject lines, body content, and calls to action.

lowsalesemailcoreyhaines31