ClawHub

Agents Mail — Free Email for AI Agents, with No sign-up, No API key needed

v0.4.6

Free email for AI agents. No sign-up needed. One call to get a mailbox and send.

1· 155·0 current·0 all-time
byAgents Mail@huberthe-pro
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the documented behavior (obtain mailbox, send/receive emails). One minor mismatch: the top-line marketing claim 'No API key needed' is misleading — you do not need to pre-provision a key or sign up, but the API returns an API key that you must use for protected endpoints.
Instruction Scope
SKILL.md contains concrete curl examples and higher-level usage patterns (get mailbox, send, check inbox, upgrade, webhooks). It does not instruct reading unrelated local files, scanning system state, or exfiltrating unrelated credentials. It recommends storing the returned API key in an environment variable (reasonable).
Install Mechanism
No install spec and no code files — instruction-only. Nothing is downloaded or written to disk by the skill itself, minimizing install-time risk.
Credentials
The skill declares no required environment variables or credentials. Examples show using an API key and webhook secret returned by the service — those are appropriate for an email API. There are no unrelated credential requests.
Persistence & Privilege
always is false and the skill does not request persistent or elevated platform privileges. The content recommends periodic inbox polling (heartbeat) which is normal for mailbox monitoring; autonomous invocation is allowed by platform default but is not specifically escalated by this skill.
Assessment
This skill is instruction-only and coherent with its stated purpose, but consider these practical cautions before using it: (1) The service issues an API key when you create a mailbox — treat that key like any secret (store securely, avoid embedding in code, rotate if leaked). (2) If you enable automatic heartbeat/inbox polling or webhooks, think about where the agent will send or process incoming email content (sensitive data could flow to your agent or external endpoints). (3) Webhooks require a public HTTPS endpoint and a secret; protect that endpoint and verify HMACs. (4) Review agentsmail.org’s privacy/security policy and assess trust before putting sensitive information in emails or granting an agent autonomous sending. (5) The README’s 'No API key needed' phrasing is misleading — it means no pre-registration, not that no key will be used. If you need higher assurance, inspect the service's backend code or host your own mail service instead.

Like a lobster shell, security has layers — review code before you run it.

ai-agentvk970a7npy6h5p1h7pnr64z5y8x83mvkrchinesevk970a7npy6h5p1h7pnr64z5y8x83mvkrcommunicationvk970a7npy6h5p1h7pnr64z5y8x83mvkremailvk970a7npy6h5p1h7pnr64z5y8x83mvkrfreevk970a7npy6h5p1h7pnr64z5y8x83mvkrlatestvk970a7npy6h5p1h7pnr64z5y8x83mvkr

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments