← 返回 Skills 市场
🔌

Have I Been Pwned

作者 OOMOL · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
26
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install oo-haveibeenpwned
功能描述
Have I Been Pwned (haveibeenpwned.com). Use this skill for ANY Have I Been Pwned request — searching and reading data. Whenever a task involves Have I Been P...
使用说明 (SKILL.md)

Have I Been Pwned

Operate Have I Been Pwned through your OOMOL-connected account. This skill calls the haveibeenpwned connector with the oo CLI; OOMOL injects credentials server-side, so you never handle raw tokens.

Category: Security & Identity, Data & Analytics. Exposes 7 action(s).

Running an action

Assume the user has already installed the oo CLI, signed in, and connected Have I Been Pwned. Do not run oo auth login or open the connection URL proactively — just run the action. Fall back to First-time setup only when a command actually fails with an auth or connection error.

1. Inspect the contract to get the authoritative input/output schema before building a payload:

oo connector schema "haveibeenpwned" --action "\x3Caction_name>"

2. Run the action with a JSON payload that matches the input schema:

oo connector run "haveibeenpwned" --action "\x3Caction_name>" --data '\x3Cjson>' --json
  • --data takes a JSON object string or @path/to/file.json; omit it to send {}.
  • The response is { "data": ..., "meta": { "executionId": "..." } }; the execution id lives under meta.executionId.

Each action below links to a reference file with its purpose and exact commands. Read the linked file, then fetch the live schema with oo connector schema before constructing --data.

Available actions

  • get_breach — Get one breach by its stable HIBP Name value.
  • get_latest_breach — Get the most recently added breach in Have I Been Pwned.
  • get_subscription_status — Get the current subscription details for the connected HIBP API key.
  • list_breaches — List breaches in Have I Been Pwned and optionally filter by domain or spam-list flag.
  • list_data_classes — List all data classes currently used by breaches in Have I Been Pwned.
  • list_pastes_for_account — List paste exposures for an email address from Have I Been Pwned.
  • search_breached_account — Search full HIBP breach models for an email address, with optional domain and unverified-breach filters.

Safety

  • Read actions (get / list / search) are safe to run directly.
  • Create, update, send, or post actions change Have I Been Pwned state — confirm the exact payload and effect with the user before running.
  • Delete or remove actions are destructive — always confirm the target and get explicit approval first.

First-time setup

These are one-time steps — do not repeat them on every call. Run a step only when a command fails for the matching reason.

  • oo: command not found — install the oo CLI (other platforms: \x3Chttps://cli.oomol.com/install-guide.md>):

    curl -fsSL https://cli.oomol.com/install.sh | bash    # macOS / Linux

    irm https://cli.oomol.com/install.ps1 | iex           # Windows PowerShell

  • Not signed in / authentication error — sign in to your OOMOL account once:

    oo auth login

  • scope_missing / credential_expired / app_not_ready / app_not_found — Have I Been Pwned is not connected, or the connection expired or lacks a scope. Connect once (auth type: API key) at:

    https://console.oomol.com/app-connections?provider=haveibeenpwned

  • HTTP 402 / OOMOL_INSUFFICIENT_CREDIT — billing stop. Recharge at https://console.oomol.com/billing/token-recharge before retrying.

Resources

安全使用建议
Install only if you trust OOMOL's CLI and connector service with HIBP API access. Prefer the documented installer or a verified package over the embedded pipe-to-shell commands, and confirm before querying other people's email addresses or subscription details.
能力标签
requires-sensitive-credentials
能力评估
Purpose & Capability
The stated purpose, actions, and metadata align around HIBP breach, paste, data-class, and subscription lookups; this naturally involves sensitive email addresses and an HIBP API key handled by OOMOL server-side.
Instruction Scope
Runtime instructions are mostly scoped to `oo connector schema/run haveibeenpwned`, but the trigger says to use the skill for any HIBP request and marks read/search actions safe to run directly, which could send user-provided identifiers without an explicit per-query confirmation.
Install Mechanism
First-time setup includes `curl ... | bash` and PowerShell `irm ... | iex` remote installer commands when the `oo` CLI is missing, without checksum/signature verification or an explicit approval step before executing fetched code.
Credentials
The allowed tool scope is `Bash(oo *)`, which is broader than the individual HIBP read actions and can interact with the user's OOMOL account; the artifact text constrains intended use, but the granted CLI authority is broad.
Persistence & Privilege
The artifacts show no background workers, deletion, local indexing, or hidden persistence, but setup may establish a durable OOMOL login and connected HIBP credential for later connector use.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install oo-haveibeenpwned
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /oo-haveibeenpwned 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
- Adds the initial `oo-haveibeenpwned` skill for operating Have I Been Pwned through an OOMOL-connected account without handling raw API tokens locally. - Supports searching breach exposure for email accounts, including full breach models with optional domain and unverified-breach filters. - Provides breach lookup workflows for listing breaches, filtering by domain or spam-list status, retrieving a specific breach by HIBP name, and fetching the latest added breach. - Includes paste exposure lookup for email addresses and data-class discovery across Have I Been Pwned breach records. - Adds subscription status checks for the connected HIBP API key, with action references and schema-first `oo connector` usage guidance.
元数据
Slug oo-haveibeenpwned
版本 1.0.0
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Have I Been Pwned 是什么?

Have I Been Pwned (haveibeenpwned.com). Use this skill for ANY Have I Been Pwned request — searching and reading data. Whenever a task involves Have I Been P... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 26 次。

如何安装 Have I Been Pwned?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install oo-haveibeenpwned」即可一键安装,无需额外配置。

Have I Been Pwned 是免费的吗?

是的,Have I Been Pwned 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Have I Been Pwned 支持哪些平台?

Have I Been Pwned 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Have I Been Pwned?

由 OOMOL(@oomol)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463815 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259802 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200680 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191345 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190333 · by oswalpalash

💬 留言讨论