← 返回 Skills 市场
307
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install email-otp
功能描述
Create temporary email addresses and monitor for registration OTP codes or validation links
使用说明 (SKILL.md)
Email OTP Skill
A skill for creating temporary email addresses and automatically extracting OTP codes and validation links from incoming emails. Uses the free mail.tm API (no API key required).
When to Use This Skill
Invoke this skill when the user asks to:
- Create a temporary email address
- Get a disposable email for signup/verification
- Check for OTP (one-time password) codes
- Wait for email verification links
- Monitor an inbox for authentication codes
Quick Start
# Create a new temporary email
python3 scripts/tempmail_otp.py create
# Monitor for OTP codes (5 minute timeout)
python3 scripts/tempmail_otp.py check
# List current account and messages
python3 scripts/tempmail_otp.py list
Commands
Create Account
python3 scripts/tempmail_otp.py create [OPTIONS]
Options:
-e, --email ADDRESS- Custom full email address-d, --domain DOMAIN- Specific domain to use-p, --password PASSWORD- Account password (auto-generated if not specified)--json- Output as JSON
Example:
python3 scripts/tempmail_otp.py create --domain "marcilzo.com"
Check for OTP/Links
python3 scripts/tempmail_otp.py check [OPTIONS]
Options:
--timeout SECONDS- Max seconds to wait (default: 300)--poll SECONDS- Poll interval in seconds (default: 3)--sender EMAIL- Only accept emails from this sender--subject TEXT- Only accept emails with this in subject--pattern REGEX- Custom regex pattern for OTP extraction--once- Exit after first OTP found--json- Output messages as JSON
Examples:
# Wait up to 2 minutes for OTP
python3 scripts/tempmail_otp.py check --timeout 120
# Only accept emails from [email protected]
python3 scripts/tempmail_otp.py check --sender "[email protected]"
# Exit immediately after finding OTP
python3 scripts/tempmail_otp.py check --once
List Account and Messages
python3 scripts/tempmail_otp.py list
Shows the current account details and all messages in the inbox with extracted links.
List Available Domains
python3 scripts/tempmail_otp.py domains [--json]
Output Files
When an OTP or link is found, the script automatically saves them to the unified state directory:
~/.tempmail_otp/last_otp- Contains the last extracted OTP code~/.tempmail_otp/last_link- Contains the first interesting validation link found~/.tempmail_otp/account.json- Account credentials (JWT token, email, password)
All state files are stored in ~/.tempmail_otp/ with restricted permissions (0600).
OTP Detection Patterns
The script automatically detects OTP codes using these patterns:
- 6-8 digit numbers (most common)
- 4 digit numbers
- "code: XXXXXX" format
- "verification: XXXXXX" format
- "otp: XXXXXX" format
Link Extraction
The script extracts all HTTP/HTTPS links from email HTML, filtering out:
- Unsubscribe links
- Tracking links
- Image files (.png, .jpg, .gif)
State Management
All state is stored in a unified directory: ~/.tempmail_otp/
account.json- Account credentials and JWT token (created bycreatecommand)last_otp- Most recent OTP code extracted (created bycheckcommand)last_link- First validation link extracted (created bycheckcommand)
Files have restricted permissions (0600) for security. The check and list commands automatically use stored credentials.
Design Rationale
The unified state directory follows best practices for CLI tools:
- No project pollution - No temporary files are created in your working directory
- Predictable location - All state is in one place, easy to find and clean up
- Cross-session persistence - Works from any directory on your system
- Permission safety - Sensitive credentials have proper file permissions
To reset all state: rm -rf ~/.tempmail_otp/
Typical Workflow
- Create account - Generate a new temporary email address
- Use email - Provide the email during service signup
- Monitor inbox - Run the check command to wait for OTP/link
- Extract code - OTP is automatically displayed and saved to
~/.tempmail_otp/last_otp - Verify - Use the OTP or link to complete verification
Example Session
# Create a temp email
$ python3 scripts/tempmail_otp.py create
Email: [email protected]
Password: f8e4d2a1-1234-5678-9abc-123456789abc
Domain: marcilzo.com
Account saved to /home/user/.tempmail_otp/account.json
# In another terminal, wait for OTP
$ python3 scripts/tempmail_otp.py check --once
Monitoring: [email protected]
Timeout: 300s | Poll interval: 3s
--------------------------------------------------
📧 New email from: [email protected]
Subject: Your verification code
✅ OTP FOUND: 842197
OTP saved to /home/user/.tempmail_otp/last_otp
--------------------------------------------------
Error Handling
- If email address is already taken, the script automatically retries with a new username
- Network errors are logged and the script continues polling
- Invalid account state prompts to recreate the account
API
This skill uses the mail.tm REST API:
- Base URL:
https://api.mail.tm - Authentication: JWT Bearer token
- No API key required
Notes
- Temporary emails may expire after inactivity periods
- Some services may block temporary email domains
- The script automatically handles account creation and JWT token management
- OTP patterns cover most common formats, but custom regex can be provided via
--pattern
安全使用建议
This skill appears internally consistent with its purpose, but review and consider the following before installing: 1) it creates accounts on a third‑party service (mail.tm) and will send/receive network traffic — confirm you are comfortable with that service's privacy/ToS; 2) it stores account credentials and extracted OTPs/links in ~/.tempmail_otp/ (account.json, last_otp, last_link) — remove that directory to erase state; 3) if you allow the agent to invoke skills autonomously, it could create and poll temporary inboxes without interactive confirmation; 4) if you want extra assurance, inspect the included script (scripts/tempmail_otp.py) yourself or run it in a restricted/sandboxed environment. If any of those concerns are unacceptable, do not enable the skill.
功能分析
Type: OpenClaw Skill
Name: email-otp
Version: 1.0.0
The OpenClaw skill 'email-otp' is designed to create temporary email addresses and extract OTPs/links using the mail.tm API. The code (scripts/tempmail_otp.py) and documentation (SKILL.md, README.md) are transparent, well-structured, and align with the stated purpose. It securely stores account credentials and extracted data in `~/.tempmail_otp/` with restricted permissions (0600). There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts against the AI agent. While the `--pattern` option for custom regex could theoretically be abused for ReDoS, this is a vulnerability of a feature, not an indicator of malicious intent by the skill author.
能力评估
Purpose & Capability
The name/description (temporary email + OTP extraction) matches the included code and runtime instructions. The script talks only to the mail.tm API and manages local state; there are no unrelated credentials, binaries, or system subsystems requested.
Instruction Scope
The SKILL.md and the Python script instruct the agent (or user) to create accounts on mail.tm, poll messages, extract OTPs/links, and save results. That scope is appropriate for the stated purpose. Note: the tool stores account credentials (JWT token, email, password) and extracted OTP/links under ~/.tempmail_otp/ and will perform repeated network calls to mail.tm while monitoring — both are expected but worth awareness.
Install Mechanism
No install spec is provided (instruction-only with a bundled script). That is low-risk: nothing is downloaded or written during an install step beyond the included files. The script uses only Python standard library modules.
Credentials
The skill requests no environment variables or external credentials. It does create and persist a JWT token and account credentials obtained from mail.tm, which is proportional to the stated functionality.
Persistence & Privilege
always is false and the skill does not modify other skills or system-wide settings. Autonomous invocation (default platform behavior) would allow the agent to run these actions on its own; while normal for skills, be aware an autonomous agent could create accounts and poll mail.tm without further prompts.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install email-otp - 安装完成后,直接呼叫该 Skill 的名称或使用
/email-otp触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of email-otp skill.
- Create temporary email addresses using the mail.tm API (no API key needed).
- Automatically extract OTP codes and validation links from incoming emails.
- Command-line interface to create accounts, monitor inboxes, filter/send OTPs, and list available domains.
- Stores all state and credentials securely in `~/.tempmail_otp/`.
- Saves most recent OTP and verification link to dedicated files for easy retrieval.
- Includes flexible filtering (sender, subject, custom regex) and robust error handling.
元数据
常见问题
Email OTP 是什么?
Create temporary email addresses and monitor for registration OTP codes or validation links. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 307 次。
如何安装 Email OTP?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install email-otp」即可一键安装,无需额外配置。
Email OTP 是免费的吗?
是的,Email OTP 完全免费(开源免费),可自由下载、安装和使用。
Email OTP 支持哪些平台?
Email OTP 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Email OTP?
由 etopro(@etopro)开发并维护,当前版本 v1.0.0。
推荐 Skills