← Back to Skills Marketplace
231
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install toolweb-breached-email-check
Description
Check if an email has appeared in known data breaches and get detailed breach history, severity, compromised data, and remediation recommendations.
Usage Guidance
This skill looks like what it says (an external breach-check API), but the SKILL.md expects an API key while the registry metadata declares no required credential — that's an incoherence you should resolve before installing. Before using: 1) Ask the publisher to declare the required API key/env var in the skill metadata (and confirm where the key is stored and how it's protected). 2) Verify the external API domain (toolweb.in) and the publisher's identity/terms/privacy policy; confirm TLS and data-retention practices. 3) Consider privacy: the skill will send email addresses (and possibly other context) to a third party — avoid sending sensitive or production emails until you're confident in the provider. 4) If you allow autonomous invocation, be aware the agent could send user emails automatically; restrict scope or require explicit user approval for every check. 5) Test with non-sensitive example emails and confirm expected behavior and error handling before enabling in production.
Capability Analysis
Type: OpenClaw Skill
Name: toolweb-breached-email-check
Version: 1.0.0
The skill bundle defines a legitimate tool for checking email breach history via the ToolWeb.in API. The documentation in SKILL.md clearly outlines the tool's purpose, expected input/output, and the external endpoint (portal.toolweb.in). No malicious code, unauthorized data access, or prompt injection attempts were found.
Capability Assessment
Purpose & Capability
Name, description, and SKILL.md behavior align: it checks an email against breach databases and returns breach details. The endpoints and outputs described match the stated purpose.
Instruction Scope
Runtime instructions are limited to calling an external API to check emails and returning breach data — that is within scope. However, the SKILL.md explicitly instructs sending email addresses to portal.toolweb.in (and to pass an API key or MCP argument), which means user-supplied emails will be transmitted off-platform; SKILL.md does not include privacy/retention rules or limits on what context to include when calling the API.
Install Mechanism
Instruction-only skill with no install spec or code files — nothing is written to disk and no external installers are used.
Credentials
SKILL.md requires an API key via an X-API-Key header or 'mcp_api_key', but the registry metadata declares no required environment variables or primary credential. This mismatch is important: the skill will need credentials to function (and to be useful), but none are declared. The skill will transmit potentially sensitive email addresses to an external service, which requires explicit vetting of the credential handling and trust in the remote API provider.
Persistence & Privilege
always is false, no system config paths or persistent privileges are requested. Autonomous invocation is allowed (platform default) — note this increases the blast radius because the skill sends data externally, but the skill itself does not request unusual privilege escalation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install toolweb-breached-email-check - After installation, invoke the skill by name or use
/toolweb-breached-email-check - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the Breached Email Check skill.
- Instantly checks any email address against known data breach databases.
- Returns breach history, compromised data types, severity ratings, and remediation guidance.
- Identifies public paste exposure (e.g., Pastebin) for the queried email.
- Provides clear output for both breached and safe email addresses.
- Includes multiple usage scenarios such as user onboarding, employee audits, and threat assessments.
Metadata
Frequently Asked Questions
What is Breached Email Check?
Check if an email has appeared in known data breaches and get detailed breach history, severity, compromised data, and remediation recommendations. It is an AI Agent Skill for Claude Code / OpenClaw, with 231 downloads so far.
How do I install Breached Email Check?
Run "/install toolweb-breached-email-check" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Breached Email Check free?
Yes, Breached Email Check is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Breached Email Check support?
Breached Email Check is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Breached Email Check?
It is built and maintained by ToolWeb (@krishnakumarmahadevan-cmd); the current version is v1.0.0.
More Skills