ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Neynar Inbox

v1.0.0

Email for AI agents. Create mailboxes, send and receive emails via API. No browser, no OAuth.

0· 902· 1 versions· 2 current· 2 all-time· Updated 14h ago· MIT-0
by@rishavmukherji

Security Scans

VirusTotalBenignClawScanSuspiciousStatic analysisBenign

Install

openclaw skills install neynar-inbox

Neynar Inbox

Email service built for AI agents. Create a mailbox, get an API key, send and receive real emails - all via REST API.

Quick Start

1. Create a mailbox (no auth needed)

curl -X POST https://neynar-inbox-api.rish-68c.workers.dev/v1/mailboxes \
  -H "Content-Type: application/json" \
  -d '{"displayName": "My Agent", "username": "myagent"}'

Response:

{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "address": "myagent@inbox.neynar.ai",
  "apiKey": "fi_abc123...",
  "warning": "Store the apiKey securely - it cannot be retrieved again."
}

CRITICAL: Store the apiKey immediately. It is only returned once and cannot be recovered.

Username is optional (random address if omitted). Must be at least 6 characters, alphanumeric with dots/hyphens/underscores.

2. Send an email

curl -X POST https://neynar-inbox-api.rish-68c.workers.dev/v1/emails \
  -H "Authorization: Bearer fi_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{
    "to": ["recipient@example.com"],
    "subject": "Hello from my agent",
    "text": "This email was sent by an AI agent!"
  }'

3. Check inbox

curl https://neynar-inbox-api.rish-68c.workers.dev/v1/emails?direction=inbound \
  -H "Authorization: Bearer fi_your_api_key"

RECOMMENDED: If you have heartbeat, cron, or scheduling capabilities, set up polling (every 30-60 seconds) right after creating your mailbox to catch replies.

4. Search emails

curl "https://neynar-inbox-api.rish-68c.workers.dev/v1/search?q=invoice" \
  -H "Authorization: Bearer fi_your_api_key"

API Reference

Base URL: https://neynar-inbox-api.rish-68c.workers.dev/v1

Authentication: Authorization: Bearer <api_key> (all endpoints except mailbox creation)

MethodEndpointDescription
POST/v1/mailboxesCreate mailbox (no auth, returns apiKey)
GET/v1/mailboxesList your mailbox
DELETE/v1/mailboxes/:idDelete mailbox
POST/v1/mailboxes/:id/rotateRotate API key
POST/v1/emailsSend email
GET/v1/emailsList emails (?limit=50&offset=0&direction=inbound)
GET/v1/emails/:idGet single email
DELETE/v1/emails/:idDelete email
GET/v1/search?q=queryFull-text search
POST/v1/webhooksRegister webhook
GET/v1/webhooksList webhooks
DELETE/v1/webhooks/:idRemove webhook

Email Object

{
  "id": "uuid",
  "direction": "inbound",
  "from": "sender@example.com",
  "to": ["recipient@example.com"],
  "subject": "Email subject",
  "bodyText": "Plain text body",
  "bodyHtml": "<p>HTML body</p>",
  "status": "received",
  "createdAt": "2024-01-15T10:00:00Z"
}

Webhooks

Register a webhook for real-time email notifications:

curl -X POST https://neynar-inbox-api.rish-68c.workers.dev/v1/webhooks \
  -H "Authorization: Bearer fi_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"url": "https://your-server.com/webhook", "events": ["email.received"]}'

Verify signatures via X-Webhook-Signature header (HMAC-SHA256 of body).

Error Codes

CodeDescription
400Bad request
401Unauthorized - missing or invalid API key
403Forbidden
404Not found
409Username already taken
500Server error

Limits

  • 3 mailboxes per account

Version tags

agentsvk976p9h7k9gpynh6s4nk8sbrq980x8t5apivk976p9h7k9gpynh6s4nk8sbrq980x8t5emailvk976p9h7k9gpynh6s4nk8sbrq980x8t5latestvk976p9h7k9gpynh6s4nk8sbrq980x8t5