← Back to Skills Marketplace
harrylabsj

Breach Check

by haidong · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
40
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install breach-check
Description
Check if your email, phone or password has been in data breaches. Full security response workflow.
README (SKILL.md)

Breach Check

Check if email, phone, or password has appeared in known data breaches. Uses k-anonymity and privacy-preserving lookup, never sends raw credentials.

Workflow

  1. Hash input — SHA-256 hash of email/phone. For passwords, use SHA-1 prefix (k-anonymity model, first 5 chars only sent).
  2. Query breach DB — call Have I Been Pwned API v3 (or equivalent) with hash prefix. Respect rate limits (1.5s delay between calls).
  3. Results — return only: breached (yes/no), breach name, data types exposed (email, password, phone, address, etc.).
    • Never return raw password or plaintext credential.
  4. Severity triage:
    • 🔴 High — password exposed
    • 🟡 Medium — phone / address / ID number exposed
    • 🟢 Low — email-only breach
  5. Action plan — per breach:
    • 🔴 → change password immediately, enable 2FA, check for account takeover
    • 🟡 → monitor for phishing, update linked account recovery info
    • 🟢 → review spam filter, update email alias if heavy spam
  6. Password check — SHA-1 k-anonymity: send first 5 hex chars to Pwned Passwords API. Return count of occurrences.
  7. Report — personal security report with:
    • breach timeline
    • severity summary
    • actionable todo list (prioritized)
  8. Optional — set reminder for periodic re-check (cron / scheduling).

Sample Prompt

breach-check check --email [email protected] --phone 13900000000
breach-check password --check "my-p@ssw0rd"
breach-check monitor --email [email protected] --interval monthly
breach-check report --email [email protected] --format json
Usage Guidance
Before installing, understand that this skill is intended to handle sensitive personal security data. Use it only for accounts or credentials you are authorized to check, prefer privacy-preserving password checks, and review any optional monitoring or scheduling before enabling it.
Capability Assessment
Purpose & Capability
The skill's stated purpose is to check emails, phones, and passwords against breach data, and the instructions consistently focus on hashing, k-anonymity password lookup, breach result triage, and remediation advice.
Instruction Scope
It asks the agent to process sensitive user-provided emails, phone numbers, and passwords, but this is central to the purpose and the artifact explicitly says not to return plaintext credentials or send raw passwords.
Install Mechanism
The reviewed artifact is markdown-only with no executable scripts, package installation steps, or hidden installer behavior.
Credentials
Network calls to breach-checking APIs are expected for this function, and rate-limit handling is disclosed; no unrelated local file access or credential-store access is requested.
Persistence & Privilege
The skill mentions optional periodic re-check reminders using cron or scheduling, but frames this as optional rather than automatic or hidden persistence.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install breach-check
  3. After installation, invoke the skill by name or use /breach-check
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Check email phone password against data breaches with security response workflow
Metadata
Slug breach-check
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Breach Check?

Check if your email, phone or password has been in data breaches. Full security response workflow. It is an AI Agent Skill for Claude Code / OpenClaw, with 40 downloads so far.

How do I install Breach Check?

Run "/install breach-check" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Breach Check free?

Yes, Breach Check is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Breach Check support?

Breach Check is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Breach Check?

It is built and maintained by haidong (@harrylabsj); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments