← 返回 Skills 市场

OpenMerch Email Verify

Name: OpenMerch Email Verify
Author: kernel-gd

作者 Kernel Studio · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install openmerch-email-verify

功能描述

Verify an email address's deliverability and reputation. Powered by OpenMerch.

使用说明 (SKILL.md)

Email verify (powered by OpenMerch)

Verify whether an email address is deliverable, and surface basic reputation signals (disposable / free-provider / role address, a quality score), for a single address.

This skill uses OpenMerch to plan, route, and execute the check. You give it one email address; it returns a normalized result plus the raw provider output.

Requirements & cost

This skill uses OpenMerch to plan, route, and execute the email check. OpenMerch is an external paid API: you need an OpenMerch account and an API key, and each verification consumes your OpenMerch account balance/credits. The exact price is confirmed by the /v1/plan call before anything runs — that quote is the source of truth for what you pay (currently roughly $0.006–$0.007 per email, depending on OpenMerch pricing policy). The skill never charges more than the planned max_cost. ClawHub does not handle this billing and takes no fee — the charge is between you and OpenMerch.

Get a key from the Developer page in the OpenMerch app and set it as an environment variable:

export OPENMERCH_API_KEY="om_live_xxxxxxxx"
# Optional — defaults to https://api.openmerch.dev:
# export OPENMERCH_BASE_URL="https://api.openmerch.dev"

What this calls

No hidden network behavior. This skill makes only these OpenMerch HTTP calls, in order:

POST {OPENMERCH_BASE_URL}/v1/plan — confirm the job is executable and get the price.
POST {OPENMERCH_BASE_URL}/v1/execute — run the verification (one job).
GET {OPENMERCH_BASE_URL}/v1/jobs/{job_id} — only if the job is still executing, to poll until it finishes.

Every request sends the header X-OpenMerch-Key: $OPENMERCH_API_KEY. POST bodies send Content-Type: application/json. Base URL is OPENMERCH_BASE_URL or https://api.openmerch.dev.

How to run

You can run this two ways. Both do exactly the same calls.

Option A — reference script (deterministic)

Requires Node 18+ (uses built-in fetch; no npm install):

node verify-email.mjs [email protected]

It prints a JSON result to stdout (see "Output" below) and exits non-zero on error.

Option B — agent-driven (instructions)

If you (the agent) are running the flow with your own HTTP tools, follow these steps exactly:

1. Plan. POST /v1/plan:

{ "job_type": "email_reputation_v1", "input": { "email": "\x3CEMAIL>" } }

If the response can_execute is not true, stop and report the reason. Do not execute.
Set max_cost = quoted_customer_price_microcents if present, otherwise estimated_cost.max_microcents. /v1/plan is the source of truth for the price — never hardcode one.

2. Execute. Generate one UUID v4 as idempotency_key for this submission. POST /v1/execute:

{
  "job_type": "email_reputation_v1",
  "input": { "email": "\x3CEMAIL>" },
  "max_cost": \x3Cmax_cost from step 1>,
  "idempotency_key": "\x3Cuuid>"
}

Reuse the same idempotency_key if you retry this same submission (e.g. after a timeout). Generate a new key only for a genuinely new verification. This prevents double charges.

3. Poll only if needed. If the execute response status is "executing", poll GET /v1/jobs/{job_id} every ~1s (cap ~8 tries / ~15s) until status is completed, failed, or cancelled. Most runs return completed immediately and no polling is needed.

4. Report. On completed, present the normalized result (below). On failed/cancelled, report error.code and error.message. Always report cost.total_microcents (the actual amount charged) and the job_id.

curl equivalent

BASE="${OPENMERCH_BASE_URL:-https://api.openmerch.dev}"

# 1. Plan
curl -sS -X POST "$BASE/v1/plan" \
  -H "X-OpenMerch-Key: $OPENMERCH_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"job_type":"email_reputation_v1","input":{"email":"[email protected]"}}'

# 2. Execute
# Replace \x3CMAX_COST_FROM_PLAN> with quoted_customer_price_microcents from /v1/plan,
# or estimated_cost.max_microcents if no quote was returned. Do not hardcode a price.
curl -sS -X POST "$BASE/v1/execute" \
  -H "X-OpenMerch-Key: $OPENMERCH_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"job_type":"email_reputation_v1","input":{"email":"[email protected]"},"max_cost":\x3CMAX_COST_FROM_PLAN>,"idempotency_key":"'"$(uuidgen)"'"}'

# 3. Poll only if status was "executing"
# curl -sS "$BASE/v1/jobs/\x3Cjob_id>" -H "X-OpenMerch-Key: $OPENMERCH_API_KEY"

Output

The skill returns a normalized object. The summary fields are best-effort and appear only when the underlying provider response contains them; raw is always the full, unmodified OpenMerch job output and is the source of truth. cost_usd is derived from the actual charged cost.total_microcents.

{
  "email": "[email protected]",
  "summary": {
    "deliverable": true,
    "is_disposable": false,
    "is_free_email": false,
    "quality_score": 0.95
  },
  "raw": { "...": "verbatim OpenMerch job output" },
  "cost_usd": 0.007,
  "job_id": "…"
}

Notes & limits

One email per run. For a list, call the skill once per address.
The skill executes a single atomic OpenMerch job — no multi-step orchestration.
All monetary values from OpenMerch are in microcents (1 cent = 100,000 microcents; $1.00 = 10,000,000). cost_usd is cost.total_microcents / 10000000.

安全使用建议

Review the bundled autoreview skill before installing. The Convex and ClawHub operational guidance is mostly well-scoped, but run the autoreview helper with `--no-yolo` or `AUTOREVIEW_YOLO=0` unless you intentionally want a nested reviewer to have full local access without approval prompts. Use the moderation and migration workflows only with explicit targets, reasons, dry runs where available, and post-action verification.

能力标签

cryptorequires-sensitive-credentials

能力评估

ℹ Purpose & Capability

The Convex setup, migration, performance, ClawHub moderation, PR maintenance, and UI proof workflows generally match their stated purposes; high-impact moderation and migration commands are disclosed and mostly gated by explicit targets, reasons, confirmation, dry runs, or verification steps.

⚠ Instruction Scope

The autoreview skill's helper defaults to `--dangerously-bypass-approvals-and-sandbox --sandbox danger-full-access`, which is broader authority than a code-review helper clearly needs and may be invoked as a routine closeout step.

✓ Install Mechanism

The skill artifacts are plain local instruction files, references, icons, YAML metadata, and one helper script; I found no hidden install hook or automatic execution path in the skill files themselves.

⚠ Credentials

Most external access is purpose-aligned, such as GitHub PR inspection, Convex setup, package installs, auth-provider configuration, and ClawHub moderation through the repo CLI, but the default full-access nested review mode is overbroad for routine review.

ℹ Persistence & Privilege

I found no hidden persistence or credential harvesting; the skills do use authenticated CLIs and may start long-running dev/proof processes when user-directed, and the autoreview helper can inherit broad local access unless run with `--no-yolo` or `AUTOREVIEW_YOLO=0`.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install openmerch-email-verify
安装完成后，直接呼叫该 Skill 的名称或使用 /openmerch-email-verify 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release: email reputation verification via OpenMerch

元数据

Slug openmerch-email-verify

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题