Resend Send Native Node
Send email via the Resend.com HTTPS API.
Native Node.js. Zero dependencies. One POST call for real sends. Small enough to audit directly.
When to use
Trigger phrases: "email me", "send an email", "mail this to", "send a notification", "email the report".
Use this when:
- The user wants to send an email fast, without Gmail OAuth or App Password pain
- Simple "fire and forget" sends (no inbox reading needed)
- The user has a Resend.com account (free tier: 3,000 emails/month)
- Weekly/report-style outbound messages where the body is generated from explicitly reviewed text
Do NOT use this when:
- The user wants to READ email (this is send-only)
- The user needs to send from a specific personal Gmail address (use a Gmail-specific skill)
- Sensitive business emails where provenance matters (Resend's default
onboarding@resend.devsender looks transactional) - The recipient, sender, or final body has not been explicitly reviewed/approved for a real send
Safety policy for agents
This skill is send-only, but it is still externally mutating. For agent use:
- Draft first. Generate or inspect the exact body text before sending.
- Dry-run first. The script dry-runs by default; review the printed payload.
- Explicit approval. Use
--sendonly after the user explicitly approves that exact recipient, subject, and body. - Use an allowlist. Real sends fail closed unless
RESEND_ALLOWED_TO=addr@example.com,other@example.comis set in the process environment for approved recipients. - No raw memory dumps. Email only curated report text, not unfiltered memory, transcripts, logs, or private workspace context.
How to run
The script is in scripts/send.mjs.
Basic:
node "<skill-dir>/scripts/send.mjs" --to "you@example.com" --subject "Hello" --body "Hi there"
Without --send, this prints a dry-run payload and does not send.
With from address override:
node "<skill-dir>/scripts/send.mjs" --from "OpenClaw <onboarding@resend.dev>" --to "you@example.com" --subject "Hello" --body "Hi"
HTML body:
node "<skill-dir>/scripts/send.mjs" --html --to "you@example.com" --subject "Styled" --body "<h1>Hi</h1><p>Hello</p>"
Dry run (no send, just print the payload):
node "<skill-dir>/scripts/send.mjs" --dry-run --to "you@example.com" --subject "Test" --body "..."
Real send (only after explicit approval):
node "<skill-dir>/scripts/send.mjs" --send --to "you@example.com" --subject "Weekly report" --body "Approved report text"
All flags
| Flag | Required? | Purpose |
|---|---|---|
--to | yes | Comma-separated recipient addresses |
--subject | yes | Message subject |
--body | yes | Inline message body |
--cc | no | Comma-separated cc |
--bcc | no | Comma-separated bcc |
--from | no | Override sender, e.g. "OpenClaw <onboarding@resend.dev>" |
--reply-to | no | Reply-to address |
--html | no | Body is HTML instead of plain text |
--dry-run | no | Don't send; print the JSON payload |
--send | no | Actually send. Without this, the script dry-runs by default |
-h, --help | no | Show help |
--body-file is intentionally not supported in the public package. Review file contents yourself and pass approved text with --body.
Credentials
Requires process environment values:
RESEND_API_KEY- starts withre_...RESEND_ALLOWED_TO- comma-separated recipient allowlist for real sends- Real sends require
RESEND_ALLOWED_TO; without it the script refuses--send
How to get one:
- Sign up at https://resend.com (free - 3,000 emails/month)
- Go to API Keys in the dashboard
- Click Create API Key, name it, and choose the least-privilege sending permission available for your account
- Copy the key
Export it in the runtime process environment:
$env:RESEND_API_KEY="<your-resend-key>"
$env:RESEND_ALLOWED_TO="you@example.com,reports@example.com"
Sender identity
By default, emails are sent from onboarding@resend.dev - Resend's default sender. This works immediately without any domain setup.
For a custom domain (later, optional):
- Add your domain to Resend at https://resend.com/domains
- Configure DNS records they provide
- Use
--from "Henry <henry@yourdomain.com>"
What this skill does
- Reads
RESEND_API_KEYfrom the process environment only - POSTs a JSON request to
https://api.resend.com/emails - Prints a one-line confirmation with the Resend message ID
- Defaults to dry-run unless
--sendis present - Validates basic recipient address shape before sending
- Enforces
RESEND_ALLOWED_TOfor real sends; fail-closed if it is missing - Prints body byte length and SHA-256 prefix in dry-run so reviewed content can be matched to the send
What this skill does NOT do
- Does not read or manage email (this is send-only)
- Does not read local files or support
--body-file - Does not write any files
- Does not make network calls other than to
api.resend.com - Does not auto-update
- Does not support attachments in this version
Output
On success:
sent to you@example.com (subject: Hello) - resend-id: c8f43f2a-...
On failure, clear error on stderr with a non-zero exit code.
Troubleshooting
- "RESEND_API_KEY not set" - get one at https://resend.com and export
RESEND_API_KEYin the process environment - HTTP 401 - API key is invalid or was revoked
- HTTP 403 - API key doesn't have send permission (check dashboard)
- HTTP 422 - the from address isn't verified on your Resend account (use
onboarding@resend.devor verify your own domain) - HTTP 429 - rate limited (free tier: 100/day, 3,000/month)
- Network error - transient; retry
Free tier limits
- 3,000 emails/month
- 100 emails/day
- Sends from
onboarding@resend.dev(no domain needed) - For higher limits + custom domains, paid tiers start at $20/month