← Back to Skills Marketplace
manojkottam

TestTau

by Manoj Kottam · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
51
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install testtau
Description
Use TestTau when an AI agent needs disposable email inboxes, private API-key protected test inboxes, webhook capture, request inspection, replay, or JSON Sch...
README (SKILL.md)

TestTau

TestTau gives agents disposable mail and webhook endpoints for tests:

  • Public mail: send to \x3Cinbox>@mail.testtau.com, inspect at https://mail.testtau.com/i/\x3Cinbox>.
  • Public hooks: send to https://hook.testtau.com/\x3ChookId>, inspect at https://hook.testtau.com/_/\x3ChookId>.
  • Private mail and hooks: use the user's TestTau Account page to create an API key, then send reads/config requests with Authorization: Bearer \x3Ckey>.

Use a unique name per task, for example agent-\x3Cpurpose>-\x3Cshort-random>. Valid names start with a lowercase letter or number and may contain lowercase letters, numbers, ., _, +, or -.

Public Disposable Mail

Use public mail when the inbox can be readable by anyone who knows the name.

  1. Choose an inbox name, such as agent-login-7k3p.
  2. Tell the system under test to email [email protected].
  3. Wait for the message:
curl -fsS "https://mail.testtau.com/i/agent-login-7k3p/api/wait?timeout=15000&subject=Verify"
  1. Read parsed JSON:
curl -fsS "https://mail.testtau.com/i/agent-login-7k3p/api/message/\x3CmessageId>/json"

Important fields include fromAddr, toAddr, subject, textBody, htmlBody, preview, attachments, and links.raw.

Private Mail

Use private mail when the test email must not be visible in a public inbox.

  1. Ask the user for their TestTau private inbox name and API key, or direct them to https://testtau.com/account.
  2. Send mail to \x3CprivateInbox>@mail.testtau.com.
  3. Read with a bearer token:
curl -fsS \
  -H "Authorization: Bearer $TESTTAU_MAIL_KEY" \
  "https://mail.testtau.com/private/i/\x3CprivateInbox>/api/wait?timeout=15000&subject=Verify"

Never put private keys in URLs. Use Authorization: Bearer.

Public Webhook Capture

Use public hooks when captured requests can be visible to anyone with the hook id.

HOOK_ID="agent-webhook-7k3p"
curl -fsS -X POST "https://hook.testtau.com/$HOOK_ID" \
  -H "content-type: application/json" \
  -d '{"event":"agent.test","ok":true}'

curl -fsS "https://hook.testtau.com/_/$HOOK_ID/api/list"

Open https://hook.testtau.com/_/\x3ChookId> for the live inspector.

Private Hooks

Use private hooks when inspection, replay, config, wipe, and assertions must require an API key.

curl -fsS -X POST "https://hook.testtau.com/private/\x3ChookId>" \
  -H "content-type: application/json" \
  -d '{"event":"agent.private"}'

curl -fsS \
  -H "Authorization: Bearer $TESTTAU_HOOK_KEY" \
  "https://hook.testtau.com/private/_/\x3ChookId>/api/list"

Schema Assertions

For webhook contract tests, configure a JSON Schema and use the assert endpoint as a CI gate.

START="$(date +%s%3N)"

curl -fsS -X PUT "https://hook.testtau.com/_/\x3ChookId>/api/config" \
  -H "content-type: application/json" \
  -d '{"schema":"{\"type\":\"object\",\"required\":[\"event\"]}","schemaFailMode":"capture"}'

# Trigger the system under test here.

curl -fsS "https://hook.testtau.com/_/\x3ChookId>/api/assert?since=$START&min_count=1"

For private hooks, add -H "Authorization: Bearer $TESTTAU_HOOK_KEY" to config, list, request, replay, wipe, and assert calls.

Limits And Safety

  • Public captures are disposable and should not receive production secrets, PII, or credentials.
  • Public mail and hooks are name-based; anyone with the name can inspect them.
  • Signed-in private tools require bearer tokens for reads and management.
  • Current free private limits: 100 private mail messages per account period and 1,000 private hook captures per account period.
  • Mail retention is 48 hours, public inbox storage is 100 messages, mail attachments are capped at 5 MB, and hook request bodies are capped at 1 MiB.

When Done

Return the exact inbox or hook id used, the inspect URL, and the message/request id if one was captured. If a wait timed out, report that explicitly and include the URL the user can open manually.

Usage Guidance
Install this only if you intend to use TestTau for QA or integration testing. Use private inboxes/hooks for sensitive test data, keep bearer tokens out of URLs and logs, avoid sending production secrets or PII to public captures, and confirm before using wipe or replay endpoints.
Capability Tags
requires-oauth-tokenrequires-sensitive-credentials
Capability Assessment
Purpose & Capability
The documented capabilities match the stated QA/testing purpose: disposable email inboxes, webhook capture, request inspection, replay, and schema assertions.
Instruction Scope
The skill clearly distinguishes public and private resources, but its default prompt and implicit invocation setting are broad enough that users should prefer explicit TestTau requests before creating endpoints or sharing inspect URLs.
Install Mechanism
The artifact contains only Markdown and YAML instructions, with no executable scripts, package dependencies, installers, or hidden setup behavior.
Credentials
Network calls to TestTau and optional bearer-token use are expected for the purpose; public resources are explicitly described as name-based and visible to anyone who knows the name.
Persistence & Privilege
No local persistence, privilege escalation, background worker, broad file access, or credential harvesting is present; remote message/capture retention and limits are disclosed.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install testtau
  3. After installation, invoke the skill by name or use /testtau
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial TestTau agent skill for disposable mail and webhook testing
Metadata
Slug testtau
Version 1.0.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is TestTau?

Use TestTau when an AI agent needs disposable email inboxes, private API-key protected test inboxes, webhook capture, request inspection, replay, or JSON Sch... It is an AI Agent Skill for Claude Code / OpenClaw, with 51 downloads so far.

How do I install TestTau?

Run "/install testtau" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is TestTau free?

Yes, TestTau is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does TestTau support?

TestTau is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created TestTau?

It is built and maintained by Manoj Kottam (@manojkottam); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments