← Back to Skills Marketplace
2075
Downloads
3
Stars
0
Active Installs
3
Versions
Install in OpenClaw
/install shitty-email
Description
Create and manage temporary disposable email inboxes
Usage Guidance
This skill appears to do only what it says: create and manage temporary inboxes via https://shitty.email using curl/jq. Before installing: (1) Recognize that any email sent to these inboxes (and the verification tokens) is visible to the external service — do NOT use for personal, financial, or otherwise sensitive accounts. (2) The session token returned by the service is effectively a secret that grants access to received messages; confirm how the agent will store or log that token and avoid persistent or shared logging of it. (3) The SKILL.md examples have a small shell typo; treat examples as illustrative. (4) If you do not trust the domain/service operator, prefer a reputable disposable-email provider or run your own disposable inbox service. If you want a deeper risk assessment, provide the agent's storage/secret-handling policy or more information about how tokens are persisted and who can access them.
Capability Analysis
Type: OpenClaw Skill
Name: shitty-email
Version: 1.0.2
The skill provides functionality for creating and managing temporary email inboxes via `https://shitty.email`. All network requests are directed to this single, consistent domain for the stated purpose. There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts designed to subvert the agent's behavior or access sensitive data. The provided shell script examples in `SKILL.md` use standard tools (`curl`, `jq`, `grep`) for API interaction and local data processing, aligning with the skill's described functionality.
Capability Assessment
Purpose & Capability
Name and description match the SKILL.md: it documents creating inboxes, polling, fetching message bodies, extending and deleting inboxes. The declared helper binaries (curl, jq) are the exact tools used in the examples. No unrelated environment variables, credentials, or config paths are requested.
Instruction Scope
Instructions focus on calls to the explicit API (https://shitty.email). They require storing and reusing a session token (the token is effectively an inbox credential). The SKILL.md does not specify how/where to store tokens securely (memory vs persistent storage vs logs). Also note a minor bug in the example: ' {token}=$(...)' appears to be a typo and should be 'token=$(...)' or similar; this is a correctness issue, not a coherence issue. No instructions ask the agent to read unrelated local files or other credentials.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That minimizes disk-write and installation risk.
Credentials
The skill requests no environment variables or external credentials, which is proportional. However, the service issues an inbox 'token' that grants full access to received emails — treat that token like a secret. The skill does not define secure handling/storage for that token, so the agent's implementation could inadvertently persist or leak it (via logs, long-term storage, or other skills).
Persistence & Privilege
always is false and the skill does not request special system-wide privileges. Autonomous invocation (default) would allow the agent to call the external service by itself; this is expected for a networked skill and is not by itself suspicious. Be aware that autonomous calls will transmit email addresses and possibly content to the external service.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install shitty-email - After installation, invoke the skill by name or use
/shitty-email - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.2
- Clarified that the "id" field from inbox responses should be used for fetching email content, not the email address.
- Updated example API responses to reflect correct "id" field usage (e.g. "msg_a1b2c3d4e5").
- Improved instructions for retrieving full email content using the message ID.
v1.0.1
- Updated documentation to use placeholder variables (e.g., {token}, {email_id}) instead of literal shell variables in API call examples.
This is change is to combat confusion that I saw by some bots in the logs.
v1.0.0
Initial release! Instantly create and manage disposable inboxes for signups, testing, and privacy.
- Create temporary email inboxes with a simple command.
- Retrieve, read, and extract codes/links from received emails.
- Extend inbox lifetime up to 24 hours as needed.
- Secure session management using tokens.
- Delete inboxes to clean up when finished.
- Example workflows and best practices included.
Metadata
Frequently Asked Questions
What is Shitty Email?
Create and manage temporary disposable email inboxes. It is an AI Agent Skill for Claude Code / OpenClaw, with 2075 downloads so far.
How do I install Shitty Email?
Run "/install shitty-email" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Shitty Email free?
Yes, Shitty Email is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Shitty Email support?
Shitty Email is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Shitty Email?
It is built and maintained by johanski (@johanski); the current version is v1.0.2.
More Skills