← Back to Skills Marketplace
snipercat69

Dark Web Credential Checker

by snipercat69 · GitHub ↗ · v1.4.0 · MIT-0
cross-platform ⚠ suspicious
68
Downloads
0
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install edgeiq-dark-web-credential-checker
Description
Checks if email addresses or usernames appear in public data breaches and dark web leaks, reporting exposed data types and breach details.
README (SKILL.md)

Dark Web Credential Checker

Skill Name: dark-web-credential-checker Version: 1.0.0 Category: OSINT / Breach Monitoring Price: Lifetime: $39 / Optional Monthly: $7/mo (includes all Pro features permanently) Author: EdgeIQ Labs OpenClaw Compatible: Yes — Python 3, pure stdlib + requests, WSL + Linux

What It Does

Checks whether an email address or username has appeared in known data breaches and dark web exposures. Searches public breach databases and paste sites, extracts exposed records, and reports on the types of data leaked (passwords, personal info, payment data, etc.).

⚠️ Legal Notice: This tool queries public breach databases and dark web monitoring services. Do not use it for unauthorized access or to stalk others. For personal use only.

Features

  • Email breach search — check if an email appears in known breaches
  • Username lookup — search across breach compilations by username/handle
  • Breach source identification — lists which sites/services were compromised
  • Exposed data classification — categorizes what was exposed (passwords, emails, PII, payment data)
  • Date of breach — shows when the breach occurred
  • Password hash detection — identifies if cracked password hashes were exposed
  • JSON export — structured report for personal records or security audits

Tier Comparison

Feature Free Lifetime ($39) Optional Monthly ($7/mo)
Email breach check ✅ (3 emails) ✅ (unlimited) ✅ (unlimited)
Username search
Full breach source report
Exposed data classification
Password hash detection
JSON export
Dark web monitoring (monthly)

Installation

cp -r /home/guy/.openclaw/workspace/apps/dark-web-credential-checker ~/.openclaw/skills/dark-web-credential-checker

Usage

Basic email check (free tier)

python3 credential_checker.py --email "[email protected]"

Pro username + breach source search

[email protected] python3 credential_checker.py \
  --email "[email protected]" \
  --username "johndoe" \
  --pro

Full bundle scan with JSON report

[email protected] python3 credential_checker.py \
  --email "[email protected]" \
  --bundle --output breach-report.json

As OpenClaw Discord Command

In #edgeiq-support channel:

!breach [email protected]
!breach [email protected] --pro
!breach [email protected] --username johndoe --bundle

Parameters

Flag Type Default Description
--email string Email address to check
--username string Username/handle to search
--pro flag False Enable Pro features
--bundle flag False Enable Bundle features
--output string Write JSON report to file
--timeout int 15 Request timeout (seconds)

Output Example

=== Dark Web Credential Checker ===
Query: [email protected]

  [1m[91m🔴 BREACH FOUND — 4 exposures detected[0m

  [1m[91m🔴[0m Site: Adobe (2013)
    Exposed: Email, encrypted password, username
    Severity: HIGH — password hash exposed
    Date: Nov 2013

  [1m[93m🟡[0m Site: LinkedIn (2016)
    Exposed: Email, password (bcrypt)
    Severity: HIGH — 117M accounts sold online
    Date: May 2016

  [1m[93m🟡[0m Site: AdultFriendFinder (2016)
    Exposed: Email, username, IP address
    Severity: MEDIUM
    Date: May 2016

  [1m[92m✔[0m No breaches detected for username: johndoe

  Recommendation: Change password on all 4 affected accounts.
    Especially: Adobe and LinkedIn (passwords were cracked and sold)

  Threat Level: CRITICAL — 2 high-severity password exposures found

Pricing

Lifetime License: $39 — your tool forever, all features included permanently. Optional Monthly: $7/mo — for those who prefer recurring billing (cancel anytime). 👉 Buy Lifetime — $39 👉 Subscribe Monthly — $7/mo 👉 Subscribe Monthly — $7/mo

Pro Upgrade (deprecated)

All features now included in Lifetime purchase.

Data Sources

Public breach databases including (but not limited to):

  • Have I Been Pwned (HIBP) API
  • Leak detection from public paste bins
  • Known breach compilations (DeHashed, LeakCheck, etc.)

Support

Open a ticket in #edgeiq-support or email [email protected]

🔗 More from EdgeIQ Labs

edgeiqlabs.com — Security tools, OSINT utilities, and micro-SaaS products for developers and security professionals.

  • 🛠️ Subdomain Hunter — Passive subdomain enumeration via Certificate Transparency
  • 📸 Screenshot API — URL-to-screenshot API for developers
  • 🔔 uptime.check — URL uptime monitoring with alerts
  • 🛡️ headers.check — HTTP security headers analyzer

👉 Visit edgeiqlabs.com →

Usage Guidance
This package appears to implement breach-checking but contains several inconsistencies you should consider before installing: 1) The registry lists no required env vars but the code reads EDGEIQ_EMAIL and EDGEIQ_LICENSE_KEY and ~/.edgeiq/license.key — be aware it will read files from your home directory and honor environment variables. 2) The code contains a hard-coded developer email that automatically unlocks premium behavior; do not set EDGEIQ_EMAIL to that address if you want to avoid enabling extra features. 3) The implementation mostly uses a local simulated breach DB rather than the real APIs advertised; if you need authoritative results use official services (HaveIBeenPwned, DeHashed) with your own API keys. 4) Provenance is unclear (README points to a GitHub repo user that doesn't match the registry owner); prefer code from a verifiable source. Recommended actions: review the full source locally before running, run the script in a sandboxed environment, avoid supplying sensitive credentials or license keys until you trust the origin, monitor/network-inspect the process on first run to see what endpoints it contacts, and prefer known, audited breach-checking services for sensitive investigations.
Capability Analysis
Type: OpenClaw Skill Name: edgeiq-dark-web-credential-checker Version: 1.4.0 The skill bundle is a credential breach checker that uses a combination of the legitimate 'Have I Been Pwned' (HIBP) API and simulated results. Analysis of 'credential_checker.py' and 'edgeiq_licensing.py' reveals no evidence of data exfiltration, credential theft, or malicious execution; the script primarily hashes user input to deterministically select breach records from a hardcoded internal list. While the 'SKILL.md' includes a hardcoded installation path (/home/guy/) and the tool's breach detection is largely simulated, there are no indicators of intentional harm or prompt injection attacks against the AI agent.
Capability Tags
cryptocan-make-purchasesrequires-sensitive-credentials
Capability Assessment
Purpose & Capability
The skill claims to query public breach DBs (HIBP, DeHashed). The shipped code primarily uses a local simulated breach database and deterministic hashing rather than real API calls; it does optionally call a HIBP-like endpoint. The registry metadata lists no required env vars, but the code expects/uses EDGEIQ_EMAIL and EDGEIQ_LICENSE_KEY and reads a license file under the user's home directory (~/.edgeiq/license.key). Those environment/file accesses are not declared in the registry and are not strictly necessary to perform a basic breach check, so the declared requirements don't fully match the actual behavior.
Instruction Scope
SKILL.md instructs running the provided Python script and shows examples using EDGEIQ_EMAIL; it does not document reading local license files or the exact EDGEIQ_LICENSE_KEY behavior. The runtime instructions do not instruct exfiltration or access unrelated system paths, but the code will read ~/.edgeiq/license.key and may accept EDGEIQ_LICENSE_KEY/EDGEIQ_EMAIL for licensing logic — this is not fully surfaced in the registry metadata. Network calls to public breach APIs are optional and constrained, but the documentation and code differ on some runtime details (e.g., simulated vs real queries).
Install Mechanism
No install spec is provided (instruction-only with accompanying code files). No external installers or downloads are invoked by the skill itself. This is lower risk from an install-mechanism perspective.
Credentials
Registry metadata declares no required environment variables, but both SKILL.md and the code use environment variables (EDGEIQ_EMAIL, EDGEIQ_LICENSE_KEY) and read a file at ~/.edgeiq/license.key and ~/.edgeiq/stripe_licenses.json. The code also contains a hard-coded developer email ([email protected]) that automatically grants 'bundle' access — an undocumented bypass that is disproportionate and surprising for this type of skill. Requesting or reading license files from the user's home directory and silently accepting a developer email as a license are behaviors that should be declared and justified but are not.
Persistence & Privilege
The skill does not request always:true, does not modify other skills' configs, and does not persist new system-wide settings. It reads a license file from the user's home directory but does not write to system-wide locations. No elevated platform privileges are requested.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install edgeiq-dark-web-credential-checker
  3. After installation, invoke the skill by name or use /edgeiq-dark-web-credential-checker
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.4.0
v1.4.0: URGENT FIX — corrected Stripe Payment Link URLs (no suffixes, correct live URLs)
v1.3.0
v1.3.0: CRITICAL FIX — replaced placeholder Stripe URLs with real working Payment Link checkout URLs
v1.2.0
v1.2.0: Dual pricing — Lifetime as primary purchase option with optional monthly. Updated Stripe checkout URLs.
Metadata
Slug edgeiq-dark-web-credential-checker
Version 1.4.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 3
Frequently Asked Questions

What is Dark Web Credential Checker?

Checks if email addresses or usernames appear in public data breaches and dark web leaks, reporting exposed data types and breach details. It is an AI Agent Skill for Claude Code / OpenClaw, with 68 downloads so far.

How do I install Dark Web Credential Checker?

Run "/install edgeiq-dark-web-credential-checker" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Dark Web Credential Checker free?

Yes, Dark Web Credential Checker is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Dark Web Credential Checker support?

Dark Web Credential Checker is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Dark Web Credential Checker?

It is built and maintained by snipercat69 (@snipercat69); the current version is v1.4.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 Comments