Email OTP

v1.0.0

Create temporary email addresses and monitor for registration OTP codes or validation links

⭐ 0· 276·0 current·0 all-time

by@etopro

MIT-0

Download zip

LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

high confidence

✓

Purpose & Capability

The name/description (temporary email + OTP extraction) matches the included code and runtime instructions. The script talks only to the mail.tm API and manages local state; there are no unrelated credentials, binaries, or system subsystems requested.

ℹ

Instruction Scope

The SKILL.md and the Python script instruct the agent (or user) to create accounts on mail.tm, poll messages, extract OTPs/links, and save results. That scope is appropriate for the stated purpose. Note: the tool stores account credentials (JWT token, email, password) and extracted OTP/links under ~/.tempmail_otp/ and will perform repeated network calls to mail.tm while monitoring — both are expected but worth awareness.

✓

Install Mechanism

No install spec is provided (instruction-only with a bundled script). That is low-risk: nothing is downloaded or written during an install step beyond the included files. The script uses only Python standard library modules.

✓

Credentials

The skill requests no environment variables or external credentials. It does create and persist a JWT token and account credentials obtained from mail.tm, which is proportional to the stated functionality.

ℹ

Persistence & Privilege

always is false and the skill does not modify other skills or system-wide settings. Autonomous invocation (default platform behavior) would allow the agent to run these actions on its own; while normal for skills, be aware an autonomous agent could create accounts and poll mail.tm without further prompts.

Assessment

This skill appears internally consistent with its purpose, but review and consider the following before installing: 1) it creates accounts on a third‑party service (mail.tm) and will send/receive network traffic — confirm you are comfortable with that service's privacy/ToS; 2) it stores account credentials and extracted OTPs/links in ~/.tempmail_otp/ (account.json, last_otp, last_link) — remove that directory to erase state; 3) if you allow the agent to invoke skills autonomously, it could create and poll temporary inboxes without interactive confirmation; 4) if you want extra assurance, inspect the included script (scripts/tempmail_otp.py) yourself or run it in a restricted/sandboxed environment. If any of those concerns are unacceptable, do not enable the skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk972sabp0e65v554et719ck6hh8210yz

License

MIT-0

Free to use, modify, and redistribute. No attribution required.

Termshttps://spdx.org/licenses/MIT-0.html

Email OTP

License

Comments