This skill covers setting up a secure email inbox that allows your application or AI agent to receive and respond to emails, with content safety measures in place.
Works with
AI-first code editor with Composer
Before installing skills in Cursor, ensure your development environment meets these requirements:
node --versionagent-email-inboxExecute the skills CLI command in your project's root directory to begin installation:
Fetches agent-email-inbox from resend/resend-skills and configures it for Cursor.
The CLI shows a list of agents. Use arrow keys and space to select Cursor:
Confirm successful installation by checking the skill directory location:
Restart Cursor to activate agent-email-inbox. Access via /agent-email-inbox in your agent's command palette.
We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.
Skills execute code in your environment. Always review source, verify the publisher, and test in isolation before production.
Submit your Claude Code skill and start earning
Automate repetitive workflows and reduce manual effort
Example
Generate reports, summarize documents, draft communications
Save 3-5 hours per week on routine tasks
Learn new skills, understand complex topics, get expert guidance
Example
Explain concepts, provide examples, suggest learning resources
Accelerate learning and skill development by 2x
Enhance output quality through reviews, suggestions, and refinements
Example
Review drafts, suggest improvements, catch errors
Improve work quality by 30-40% with less effort
0
total installs
0
this week
98
GitHub stars
0
upvotes
Run in your terminal
0
installs
0
this week
98
stars
This skill covers setting up a secure email inbox that allows your application or AI agent to receive and respond to emails, with content safety measures in place.
Core principle: An AI agent's inbox receives untrusted input. Security configuration is important to handle this safely.
Resend uses webhooks for inbound email, meaning your agent is notified instantly when an email arrives. This is valuable for agents because:
Sender → Email → Resend (MX) → Webhook → Your Server → AI Agent
↓
Security Validation
↓
Process or Reject
This skill requires Resend SDK features for webhook verification (webhooks.verify()) and email receiving (emails.receiving.get()). Always install the latest SDK version. If the project already has a Resend SDK installed, check the version and upgrade if needed.
| Language | Package | Min Version |
|---|---|---|
| Node.js | resend |
>= 6.9.2 |
| Python | resend |
>= 2.21.0 |
| Go | resend-go/v3 |
>= 3.1.0 |
| Ruby | resend |
>= 1.0.0 |
| PHP | resend/resend-php |
>= 1.1.0 |
| Rust | resend-rs |
>= 0.20.0 |
| Java | resend-java |
>= 4.11.0 |
| .NET | Resend |
>= 0.2.1 |
Install the resend npm package: npm install resend (or the equivalent for your language). For full sending docs, install the resend skill.
email.received events with security built in from the start. The webhook endpoint MUST be a POST route.Ask your human:
Don't paste API keys in chat! They'll be in conversation history forever.
Safer options:
.env file directly: echo "RESEND_API_KEY=re_xxx" >> .envIf your human has an existing Resend account with other projects, create a domain-scoped API key:
Use your auto-generated address: <anything>@<your-id>.resend.app
No DNS configuration needed. Find your address in Dashboard → Emails → Receiving → "Receiving address".
The user must enable receiving in the Resend dashboard: Domains page → toggle on "Enable Receiving".
Then add an MX record:
| Setting | Value |
|---|---|
| Type | MX |
| Host | Your domain or subdomain (e.g., agent.yourdomain.com) |
| Value | Provided in Resend dashboard |
| Priority | 10 (must be lowest number to take precedence) |
Use a subdomain (e.g., agent.yourdomain.com) to avoid disrupting existing email services.
Tip: Verify DNS propagation at dns.email.
DNS Propagation: MX record changes can take up to 48 hours to propagate globally, though often complete within a few hours.
Choose your security level before setting up the webhook endpoint. An AI agent that processes emails without security is dangerous — anyone can email instructions that your agent will execute. The webhook code you write next should include your chosen security level from the start.
Ask the user what level of security they want, and ensure that they understand what each level means.
| Level | Name | When to Use | Trade-off |
|---|---|---|---|
| 1 | Strict Allowlist | Most use cases — known, fixed set of senders | Maximum security, limited functionality |
| 2 | Domain Allowlist | Organization-wide access from trusted domains | More flexible, anyone at domain can interact |
| 3 | Content Filtering | Accept from anyone, filter unsafe patterns | Can receive from anyone, pattern matching not foolproof |
| 4 | Sandboxed Processing | Process all emails with restricted agent capabilities | Maximum flexibility, complex to implement |
| 5 | Human-in-the-Loop | Require human approval for untrusted actions | Maximum security, adds latency |
For detailed implementation code for each level, see references/security-levels.md.
Only process emails from explicitly approved addresses. Reject everything else.
const ALLOWED_SENDERS = [
'[email protected]',
'[email protected]',
];
async function processEmailForAgent(
eventData: EmailReceivedEvent,
emailContent: EmailContent
) {
const sender = eventData.from.toLowerCase();
if (!ALLOWED_SENDERS.some(allowed => sender === allowed.toLowerCase())) {
console.log(`Rejected email from unauthorized sender: ${sender}`);
await notifyOwnerOfRejectedEmail(eventData);
return;
}
await agent.processEmail({
from: eventData.from,
subject: eventData.subject,
body: emailContent.text || emailContent.html,
});
}
| Practice | Why |
|---|---|
| Verify webhook signatures | Prevents spoofed webhook events |
| Log all rejected emails | Audit trail for security review |
| Use allowlists where possible | Explicit trust is safer than filtering |
| Rate limit email processing | Prevents excessive processing load |
| Separate trusted/untrusted handling | Different risk levels need different treatment |
| Anti-Pattern | Risk |
|---|---|
| Process emails without validation | Anyone can control your agent |
| Trust email headers for authentication | Headers are trivially spoofed |
| Execute code from email content | Untrusted input should never run as code |
| Store email content in prompts verbatim | Untrusted input mixed into prompts can alter agent behavior |
| Give untrusted emails full agent access | Scope capabilities to the minimum needed |
After choosing your security level and setting up your domain, create a webhook endpoint. The webhook endpoint MUST be a POST route. Resend sends all webhook events as POST requests.
Critical: Use raw body for verification. Webhook signature verification requires the raw request body.
- Next.js App Router: Use
req.text()(notreq.json())- Express: Use
express.raw({ type: 'application/json' })on the webhook route
// app/webhook/route.ts
import { Resend } from 'resend';
import { NextRequest, NextResponse } from 'next/server';
const resend = new Resend(process.env.RESEND_API_KEY);
export async function POST(req: NextRequest) {
try {
const payload = await req.text();
const event = resend.webhooks.verify({
payload,
headers: {
'svix-id': req.headers.get('svix-id'),
'svix-timestamp': req.headers.get('svix-timestamp'),
'svix-signature': req.headers.get('svix-signature'),
},
secret: process.env.RESEND_WEBHOOK_SECRET,
});
if (event.type === 'email.received') {
// Webhook payload only includes metadata, not email body
const { data: email } = await resend.emails.receiving.get(
event.data.email_id
);
// Apply the security level chosen above
await processEmailForAgent(event.data, email);
}
return new NextResponse('OK', { status: 200 });
} catch (error) {
console.error('Webhook error:', error);
return new NextResponse('Error', { status: 400 });
}
}
import express from 'express';
Implementation Guide
Prerequisites
- ›Claude Desktop or compatible AI client with skill support
- ›Clear understanding of task or problem to solve
- ›Willingness to iterate and refine outputs
Time Estimate
15-45 minutes depending on use case complexity
Steps
- 1Install skill using provided installation command
- 2Test with simple use case relevant to your work
- 3Evaluate output quality and relevance
- 4Iterate on prompts to improve results
- 5Integrate into regular workflow if valuable
Common Pitfalls
- ⚠Expecting perfect results without iteration
- ⚠Not providing enough context in prompts
- ⚠Using skill for tasks outside its intended scope
- ⚠Accepting outputs without review and validation
Best Practices
✓ Do
- +Start with clear, specific prompts
- +Provide relevant context and constraints
- +Review and refine all outputs before using
- +Iterate to improve output quality
- +Document successful prompt patterns
✗ Don't
- −Don't use without understanding skill limitations
- −Don't skip validation of outputs
- −Don't share sensitive information in prompts
- −Don't expect skill to replace human judgment
💡 Pro Tips
- ★Be specific about desired format and style
- ★Ask for multiple options to choose from
- ★Request explanations to understand reasoning
- ★Combine AI efficiency with human expertise
When to Use This
✓ Use when
Use when skill capabilities match your task, clear ROI on time saved, and you can validate outputs. Best for repetitive tasks, learning, and quality improvement.
✗ Avoid when
Avoid when task requires deep expertise you can't validate, involves sensitive decisions, or when learning process is more valuable than speed of completion.
Learning Path
- 1Familiarize yourself with skill capabilities and limitations
- 2Start with low-risk, non-critical tasks
- 3Progress to more complex and valuable use cases
- 4Build expertise through regular use and experimentation
Related Skills
qq-email
9shadowcz007/skills
AI/MLtag: emailmjml-email-templates
6aaronontheweb/dotnet-skills
AI/MLtag: emailagent-browser
32vercel-labs/agent-browser
Productivitytag: agentagent-reach
24panniantong/agent-reach
Productivitytag: agentpolyglot-test-agent
11github/awesome-copilot
Testingtag: agentfluxa-agent-wallet
8fluxa-agent-payment/fluxa-ai-wallet-mcp
Productivitytag: agentReviews
4.4★★★★★57 reviews- DDaniel Ghosh★★★★★Dec 24, 2024
Registry listing for agent-email-inbox matched our evaluation — installs cleanly and behaves as described in the markdown.
- DDaniel Iyer★★★★★Dec 24, 2024
agent-email-inbox reduced setup friction for our internal harness; good balance of opinion and flexibility.
- CChaitanya Patil★★★★★Dec 20, 2024
I recommend agent-email-inbox for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
- AAdvait Menon★★★★★Dec 16, 2024
agent-email-inbox fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.
- CCharlotte Martinez★★★★★Dec 12, 2024
Useful defaults in agent-email-inbox — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
- AAmelia Mensah★★★★★Dec 12, 2024
I recommend agent-email-inbox for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
- NNeel Jain★★★★★Nov 27, 2024
Registry listing for agent-email-inbox matched our evaluation — installs cleanly and behaves as described in the markdown.
- AAmelia Johnson★★★★★Nov 23, 2024
Useful defaults in agent-email-inbox — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
- LLayla Sethi★★★★★Nov 15, 2024
We added agent-email-inbox from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.
- PPiyush G★★★★★Nov 11, 2024
agent-email-inbox fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.
showing 1-10 of 57
1 / 6Discussion
Comments — not star reviews- No comments yet — start the thread.