ClawHub

DropMail – disposable email manager

v1.0.1

Manage disposable email addresses using GuerrillaMail. Use when a user wants to create a temporary/throwaway email address, check a disposable inbox for mess...

1· 97·0 current·0 all-time
byNikolay@cprite

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for cprite/dropmail.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "DropMail – disposable email manager" (cprite/dropmail) from ClawHub.
Skill page: https://clawhub.ai/cprite/dropmail
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install dropmail

ClawHub CLI

Package manager switcher

npx clawhub@latest install dropmail
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
Name/description (disposable email via GuerrillaMail) align with the included script and API reference. No unrelated services, binaries, or credentials are requested.
Instruction Scope
SKILL.md tells the agent to symlink/run the included CLI and describes local storage at ~/.dropmail; the runtime instructions and code focus on API calls, caching, and session handling only. Note: the skill persists PHPSESSID cookies and cached messages to disk (sessions.json and SQLite DB).
Install Mechanism
No install spec — the package is instruction + a single Python script. Nothing is downloaded from arbitrary URLs. The script will be placed on disk when the skill is installed, which is expected for a CLI tool.
Credentials
The skill requests no environment variables or external credentials (appropriate). However, it stores session cookies (PHPSESSID) locally which are sensitive for the GuerrillaMail sessions and should be protected/cleared when not needed.
Persistence & Privilege
always is false; the skill writes files only under the user's home directory (~/.dropmail) which is proportionate for a local CLI tool. It does not request system-wide privileges or modify other skills.
Assessment
This skill appears to do what it says: create and manage GuerrillaMail disposable addresses and cache messages locally. Before installing, review the full scripts (the provided listing was truncated in the report) and consider: 1) sessions.json stores PHPSESSID tokens — treat that file as sensitive and ensure ~/.dropmail has restrictive permissions; 2) the script falls back to an unverified SSL context if the certifi package is missing, which can make API calls vulnerable to MITM on some systems — install certifi or verify TLS behavior; 3) remove cached data (dropmail remove and delete ~/.dropmail) when you no longer need the addresses. If you cannot review the full file, or you need stronger guarantees about TLS and data handling, consider not installing or running the script in an isolated environment.

Like a lobster shell, security has layers — review code before you run it.

latestvk978haf3rpw9wy5qegfhsjm38d84t8hj
97downloads
1stars
2versions
Updated 2w ago
v1.0.1
MIT-0
Nikolay@cprite
latest
Download

DropMail Skill

Create and manage disposable email addresses via GuerrillaMail API. Emails expire after 60 minutes. All data is stored locally in SQLite at ~/.dropmail/dropmail.db.

Installation

Create a symlink to dropmail.py on your PATH:

# System-wide
ln -s <skill-dir>/scripts/dropmail.py /usr/local/bin/dropmail

# User-local
ln -s <skill-dir>/scripts/dropmail.py ~/.local/bin/dropmail

Data is stored at ~/.dropmail/ (auto-created on first run). Requires Python 3.7+, no extra dependencies.

Commands

dropmail new                            # Get a new disposable email
dropmail list                           # List all tracked emails with expiry status
dropmail <email> inbox                  # Show all messages in inbox
dropmail <email> inbox -c 3             # Show last 3 messages only
dropmail <email> refresh                # Fetch new messages from GuerrillaMail API
dropmail <email> read <id>              # Read full body of a message
dropmail <email> remove                 # Remove email + all messages from local DB
dropmail <email> expire                 # Show time remaining before expiry

Typical Workflow

  1. dropmail new — get a fresh email
  2. Share the email address with the untrusted service
  3. dropmail <email> refresh - pull new messages from the server
  4. dropmail <email> inbox - browse received messages
  5. dropmail <email> read <id> - read a specific message
  6. dropmail <email> remove - clean up when done

Notes

  • Data location: All data stored in ~/.dropmail/ (DB + sessions). Auto-created on first run.
  • Sessions: Per-email PHPSESSID cookies stored in ~/.dropmail/sessions.json. Expire after ~18 min of API inactivity.
  • Offline inbox: Messages are cached locally. inbox reads from cache; refresh syncs from server.
  • 403 errors: GuerrillaMail blocks non-browser User-Agents. The script uses Mozilla/5.0 by default. If blocked, check references/api.md.
  • Expiry: Emails last 60 minutes. After expiry, old messages are still accessible by calling set_email_user via refresh.

API Reference

For full GuerrillaMail API details, see references/api.md. Load it when:

  • Debugging API call failures
  • Adding new API features (extend, delete messages, forget)
  • Understanding session/cookie handling

Comments

Loading comments...