Email Verifier
v1.0.1Verify email address deliverability via SMTP without sending mail. Checks MX records, performs RCPT TO verification, and detects catch-all domains. Use when...
⭐ 0· 692·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (SMTP RCPT checks, MX lookup, catch-all detection) match the included script and SKILL.md. The included Python script implements the stated functionality and the only external dependency (dnspython) is consistent with MX lookups.
Instruction Scope
SKILL.md instructions and the script limit actions to DNS resolution, TCP connections to MX hosts on port 25, CSV/stdin reading, and local rate limiting. The instructions do not read unrelated files or environment variables, nor do they exfiltrate data to external endpoints beyond the target mail servers.
Install Mechanism
No install spec is provided (instruction-only), and the only required package is dnspython (pip). No downloads from unknown URLs or archive extraction are present. The script runs directly with system Python.
Credentials
The skill requires no environment variables, credentials, or config paths. Network access to MX servers is expected and proportional to the stated purpose.
Persistence & Privilege
Skill is not forced-always, has no autonomous-privilege escalation indicators, and does not attempt to modify other skills or system-wide settings.
Assessment
This skill appears to do exactly what it says, but take these practical precautions before using it: (1) Running RCPT checks opens many connections to third-party mail servers and can be interpreted as spam reconnaissance — use only on lists you own or have permission to verify. (2) Run from an environment that permits outbound port 25 (some ISPs block it) and consider using a server or VM with appropriate reputation to avoid IP blacklisting. (3) Respect the provided rate-limiting defaults and do not bulk-run large lists from residential IPs; for large volumes prefer a dedicated verification service. (4) Review the included script (verify_email.py) yourself before running; it performs network I/O (smtplib/dns) but contains no hidden remote endpoints or credential exfiltration. (5) Install dnspython from the official PyPI repository (pip3 install dnspython). If you need higher assurance, run the script inside an isolated VM/container and/or ask for a third-party code review.Like a lobster shell, security has layers — review code before you run it.
latestvk970pfxj6zp1tmepg62ptfaf49817kx8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.