TransportationDocumentedScanned

sendgrid-skills

Use when working with SendGrid email platform - routes to sub-skills for sending email.

Share:

Installation

npx clawhub@latest install sendgrid-skills

View the full skill documentation and source below.

Documentation

Receive Emails with SendGrid (Inbound Parse)

Overview

SendGrid’s Inbound Parse Webhook receives emails for a specific hostname/subdomain, parses the message, and POSTs it to your webhook as multipart/form-data.

Key differences vs Resend:

  • SendGrid posts the full parsed email (text/html/headers/attachments) directly to your webhook.

  • There is no official signature verification for Inbound Parse (unlike SendGrid Event Webhook). You must secure the endpoint yourself.


Quick Start

  • Create MX record pointing to mx.sendgrid.net for a dedicated hostname (recommended: subdomain).

  • Configure Inbound Parse in SendGrid Console with a receiving domain + destination URL.

  • Handle the webhook: parse multipart/form-data, read text, html, headers, and attachments.

  • Secure the endpoint (basic auth, allowlists, size limits).

    • DNS / MX Setup

    Create an MX record for a dedicated hostname:

    SettingValue
    TypeMX
    Hostparse (or another subdomain)
    Priority10
    Valuemx.sendgrid.net
    Recommendation: Use a subdomain to avoid disrupting existing email providers (e.g., parse.example.com).

    Inbound Parse Configuration

    In SendGrid Console:

    • Settings → Inbound Parse
    • Add Receiving Domain and Destination URL
    • Example receiving address: anything@parse.example.com

    Webhook Payload (Multipart/Form-Data)

    SendGrid posts data like:

    • from, to, cc, subject
    • text, html
    • headers (raw email headers)
    • envelope (JSON with SMTP envelope data)
    • attachments (count)
    • attachmentX (file content; filename in part)
    Example fields (varies by config): 
    from: "Alice <alice@example.com>"
to: "support@parse.example.com"
subject: "Help"
text: "Plain text body"
html: "<p>HTML body</p>"
headers: "...raw headers..."
envelope: {"to":["support@parse.example.com"],"from":"alice@example.com"}
attachments: 2
attachment1: <file>
attachment2: <file>

    Security Best Practices

    Because Inbound Parse has no signature verification, treat inbound data as untrusted:

    • Require basic auth on the webhook URL.
    • Allowlist sender domains if appropriate.
    • Limit request size (e.g., 10–25 MB) to avoid abuse.
    • Validate content-type (multipart/form-data).
    • Do not execute or render HTML without sanitization.
    • Protect against prompt injection if forwarding to AI systems.

    Examples

    See:

    • references/webhook-examples.md

    • references/best-practices.md

    Back to Skills Directory

    Related Skills in Transportation

    airfrance-afkl

    Track Air France flights using the Air France–KLM Open Data APIs (Flight Status).

    Docs

    anachb

    Austrian public transport (VOR AnachB) for all of Austria.

    Docs

    anyone-proxy

    This skill enables IP address masking and accessing hidden services on the Anyone Network.

    Docs

    aviation-weather

    Aviation weather: METAR, TAF, PIREPs for flight planning.

    Docs

    bahn

    Deutsche Bahn train connections and travel planning.

    Docs