← Back to Skills Marketplace
GoodVerify
by
Thomas Brewer
· GitHub ↗
· v0.1.0
· MIT-0
106
Downloads
1
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install goodverify
Description
Verify emails, phones, and addresses using the goodverify CLI. Use when the user asks to verify contact data, check deliverability, validate an address, look...
README (SKILL.md)
GoodVerify CLI
Verify emails, phone numbers, and mailing addresses via the goodverify.dev API.
Prerequisites
The goodverify CLI must be installed and configured. Check with:
goodverify --version
goodverify configure --show
If not installed:
curl -fsSL https://raw.githubusercontent.com/agoodway/goodverify_cli/main/install.sh | sh
If not configured, ask the user for their API key and base URL, then:
goodverify configure --env production --url https://goodverify.dev --key \x3Capi_key>
Commands
Verify Email
Check deliverability, domain MX records, disposable/catch-all/role flags.
goodverify verify email --email [email protected]
Key response fields:
deliverability.status—deliverable,undeliverable, orriskydeliverability.reason—accepted_email,rejected_email,unknown, etc.flags.is_disposable— temporary email serviceflags.is_catch_all— domain accepts all addressesflags.is_role_account— generic address like info@, support@domain.has_mx_records— domain can receive email
Verify Phone
Check carrier, phone type (mobile/landline/voip), compliance (DNC/TCPA), and formatting.
goodverify verify phone --phone "+15551234567"
goodverify verify phone --phone "5551234567" --country US
Key response fields:
valid— whether the number is validphone_type—mobile,landline,voip,toll_freecarrier.name— carrier namecompliance.dnc— on Do Not Call listcompliance.tcpa— TCPA consent requiredformatted.e164— standardized format
Verify Address
Standardize, geocode, check deliverability, and find property owners.
Single string:
goodverify verify address --address "123 Main St, Springfield, IL 62701"
Structured fields:
goodverify verify address --street "123 Main St" --city Springfield --state IL --zip 62701
Key response fields:
deliverability—deliverable,undeliverable,missing_unitstandardized_address— USPS-standardized componentsgeo_location— latitude, longitude, accuracyowners— property owner information (name, other addresses, phones, emails)property.type— residential, commercial, etc.
Batch Operations
goodverify batch list # List all batch jobs
goodverify batch get --id \x3Cbatch_id> # Get batch job details
goodverify batch results --id \x3Cbatch_id> # Download results
goodverify batch sample > template.csv # Get CSV template
Usage & Health
goodverify usage # Credit balance, plan, rate limits
goodverify health # API health check (no auth required)
Global Options
All commands accept:
--env \x3Cname>— use a specific configured environment--key \x3Ckey>— override API key for this request--url \x3Curl>— override base URL for this request--json— output raw JSON (default is pretty-printed)
Guidelines
- Always use
--jsonwhen you need to parse the response programmatically - For bulk verification, prefer
batchcommands over loopingverifycalls - Phone numbers should include country code or use
--countryflag - Address verification works best with complete addresses (street, city, state, zip)
- Check
goodverify usagebefore large batch operations to confirm credit balance sk_*keys are read-write (required for batch).pk_*keys are read-only.
Usage Guidance
What to consider before installing: 1) The skill's metadata omits the API key and CLI dependency described in SKILL.md — treat that as a red flag and ask the publisher to correct the metadata. 2) The SKILL.md recommends running curl ... | sh from a raw GitHub URL; do not run that blindly. Instead, inspect the install.sh content (view the file in the repo or clone the repo), prefer a signed/released package, or ask for an installation method from an official release. 3) Only provide a read-only (pk_*) key to the agent when possible; avoid giving sk_* read-write keys to an agent or pasting them into chat. 4) If you must use this tool, confirm the repository owner, pin a specific commit or release, and review the install script for harmful behavior. 5) Request that the skill metadata be updated to declare required binaries and environment variables (API key, CLI) before installing so you can perform an informed risk assessment.
Capability Analysis
Type: OpenClaw Skill
Name: goodverify
Version: 0.1.0
The skill bundle contains a high-risk installation pattern in SKILL.md, instructing the agent to execute a remote shell script via 'curl | sh' from a GitHub repository (agoodway/goodverify_cli). While the tool's stated purpose is to verify contact information using the goodverify.dev API, this installation method is a significant security vulnerability that could lead to arbitrary code execution. No explicit evidence of malicious intent or data exfiltration was found.
Capability Assessment
Purpose & Capability
The SKILL.md describes exactly the expected capabilities (email, phone, address verification) and requires a goodverify CLI and API key — that is coherent with the stated purpose. However, the registry metadata lists no required binaries or environment variables, which contradicts the SKILL.md. The missing declaration of an API credential and CLI requirement is an inconsistency that should be explained.
Instruction Scope
Runtime instructions tell the agent to check/install/configure the goodverify CLI, ask users for API keys/base URL, and run verification and batch commands. While the verification commands themselves are scoped to the purpose, the instructions explicitly recommend executing a remote install script (curl -fsSL https://raw.githubusercontent.com/.../install.sh | sh) — this is an instruction to download and execute arbitrary code. The SKILL.md also mentions sk_* (read-write) keys are required for batch operations; instructing the agent/user to provide such keys without constraints increases risk.
Install Mechanism
There is no formal install spec in registry metadata, but the instructions advise a curl | sh from a raw.githubusercontent.com URL. Downloading and piping a remote install script for execution is higher-risk than using a vetted package release or distribution package. The URL is a direct raw GitHub path rather than a pinned release archive, increasing the risk of tampering or surprise changes.
Credentials
The registry metadata declares no required environment variables or primary credential, but the SKILL.md clearly requires a goodverify.dev API key and refers to read-write sk_* keys for batches and pk_* read-only keys. This mismatch is significant: the skill will need sensitive API keys to function, but those needs are not declared in metadata. The skill does not request unrelated credentials, but failing to declare the required secret in metadata makes it harder for users to spot and audit.
Persistence & Privilege
The skill itself is instruction-only and not always-enabled; it does not declare privileged persistent behavior. However, the SKILL.md instructs installation of a CLI which would create software on the user's system and persist configuration (including API keys) — an action with lasting effect that the user must explicitly approve. This persistence is not reflected in the registry metadata.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install goodverify - After installation, invoke the skill by name or use
/goodverify - Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release of GoodVerify skill for contact data verification.
- Enables verification of emails, phone numbers, and addresses using the goodverify CLI and API.
- Supports commands for single and batch verifications, usage checks, and API health status.
- Provides guidance for configuring the CLI with an API key and environment.
- Includes response field explanations for each verification type to help interpret results.
- Allows output as JSON for easy parsing and automation.
- Lists global options and best-practice guidelines.
Metadata
Frequently Asked Questions
What is GoodVerify?
Verify emails, phones, and addresses using the goodverify CLI. Use when the user asks to verify contact data, check deliverability, validate an address, look... It is an AI Agent Skill for Claude Code / OpenClaw, with 106 downloads so far.
How do I install GoodVerify?
Run "/install goodverify" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is GoodVerify free?
Yes, GoodVerify is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does GoodVerify support?
GoodVerify is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created GoodVerify?
It is built and maintained by Thomas Brewer (@themusicman); the current version is v0.1.0.
More Skills