Breached Email Check

v1.0.0

Check if an email has appeared in known data breaches and get detailed breach history, severity, compromised data, and remediation recommendations.

⭐ 0· 203·0 current·0 all-time

byToolWeb@krishnakumarmahadevan-cmd

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for krishnakumarmahadevan-cmd/toolweb-breached-email-check.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "Breached Email Check" (krishnakumarmahadevan-cmd/toolweb-breached-email-check) from ClawHub.
Skill page: https://clawhub.ai/krishnakumarmahadevan-cmd/toolweb-breached-email-check
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install toolweb-breached-email-check

ClawHub CLI

Package manager switcher

npx clawhub@latest install toolweb-breached-email-check

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

Name, description, and SKILL.md behavior align: it checks an email against breach databases and returns breach details. The endpoints and outputs described match the stated purpose.

ℹ

Instruction Scope

Runtime instructions are limited to calling an external API to check emails and returning breach data — that is within scope. However, the SKILL.md explicitly instructs sending email addresses to portal.toolweb.in (and to pass an API key or MCP argument), which means user-supplied emails will be transmitted off-platform; SKILL.md does not include privacy/retention rules or limits on what context to include when calling the API.

✓

Install Mechanism

Instruction-only skill with no install spec or code files — nothing is written to disk and no external installers are used.

Credentials

SKILL.md requires an API key via an X-API-Key header or 'mcp_api_key', but the registry metadata declares no required environment variables or primary credential. This mismatch is important: the skill will need credentials to function (and to be useful), but none are declared. The skill will transmit potentially sensitive email addresses to an external service, which requires explicit vetting of the credential handling and trust in the remote API provider.

✓

Persistence & Privilege

always is false, no system config paths or persistent privileges are requested. Autonomous invocation is allowed (platform default) — note this increases the blast radius because the skill sends data externally, but the skill itself does not request unusual privilege escalation.

What to consider before installing

This skill looks like what it says (an external breach-check API), but the SKILL.md expects an API key while the registry metadata declares no required credential — that's an incoherence you should resolve before installing. Before using: 1) Ask the publisher to declare the required API key/env var in the skill metadata (and confirm where the key is stored and how it's protected). 2) Verify the external API domain (toolweb.in) and the publisher's identity/terms/privacy policy; confirm TLS and data-retention practices. 3) Consider privacy: the skill will send email addresses (and possibly other context) to a third party — avoid sending sensitive or production emails until you're confident in the provider. 4) If you allow autonomous invocation, be aware the agent could send user emails automatically; restrict scope or require explicit user approval for every check. 5) Test with non-sensitive example emails and confirm expected behavior and error handling before enabling in production.

Like a lobster shell, security has layers — review code before you run it.

latestvk97dk46fszcktackqnmdvb84x5837r2m

203downloads

0stars

1versions

Updated 22h ago

v1.0.0

MIT-0

Breached Email Check

Check whether an email address has appeared in known data breaches. Submit any email address and get back a breach history report — including which breaches exposed the address, what data types were compromised, breach dates, and remediation recommendations. Essential for user onboarding security checks, employee credential monitoring, and threat exposure assessments.

Usage

{
  "tool": "breached_email_check",
  "input": {
    "email": "user@example.com"
  }
}

Parameters

Field	Type	Required	Description
`email`	string	✅	The email address to check against known data breach databases

What You Get

Breach status — whether the email has been found in any known breaches
Breach list — names of breaches the email appeared in, with dates
Compromised data types — what was exposed per breach (passwords, phone numbers, physical addresses, credit cards, etc.)
Breach severity rating — overall risk level based on sensitivity of exposed data
Paste exposure — whether the email has appeared in public paste sites (Pastebin, etc.)
Remediation guidance — specific actions to take based on breach findings (password reset, MFA, account monitoring)

Example Output

{
  "email": "user@example.com",
  "breached": true,
  "breach_count": 3,
  "severity": "High",
  "breaches": [
    {
      "name": "LinkedIn (2012)",
      "date": "2012-06-05",
      "compromised_data": ["Email Addresses", "Passwords"],
      "description": "Password hashes exposed in large-scale breach; later cracked and published",
      "verified": true
    },
    {
      "name": "Adobe (2013)",
      "date": "2013-10-04",
      "compromised_data": ["Email Addresses", "Password Hints", "Passwords", "Usernames"],
      "description": "Source code and encrypted credentials exposed for 153 million accounts",
      "verified": true
    },
    {
      "name": "DataBreach.com (2020)",
      "date": "2020-03-21",
      "compromised_data": ["Email Addresses", "Phone Numbers", "Physical Addresses"],
      "description": "Aggregated breach data compilation including PII from multiple sources",
      "verified": false
    }
  ],
  "paste_exposure": true,
  "paste_count": 1,
  "remediation": [
    "Change passwords on all accounts using this email address immediately",
    "Enable multi-factor authentication (MFA) on all associated accounts",
    "Check for unauthorized account activity on LinkedIn and Adobe",
    "Consider using a unique email alias for sensitive accounts going forward",
    "Monitor credit report if physical address was exposed"
  ]
}

When email is clean

{
  "email": "safe@example.com",
  "breached": false,
  "breach_count": 0,
  "severity": "None",
  "breaches": [],
  "paste_exposure": false,
  "paste_count": 0,
  "remediation": [
    "No known breaches found — continue using strong, unique passwords",
    "Enable MFA as a proactive measure"
  ]
}

Use Cases

User onboarding — check if a new user's email is in known breaches at signup
Employee security audits — identify staff with exposed credentials before they become an attack vector
Threat exposure assessment — assess corporate email domain exposure across your workforce
Password reset triggers — automatically prompt users with breached emails to reset credentials
Security awareness — show users their personal breach history to drive MFA adoption

API Reference

Base URL: https://portal.toolweb.in/apis/security/breached-email-check

Endpoint	Method	Description
`/check-breach`	POST	Check an email address against known data breach databases

Authentication: Pass your API key as X-API-Key header or mcp_api_key argument via MCP.

Pricing

Plan	Daily Limit	Monthly Limit	Price
Free	5 / day	50 / month	$0
Developer	20 / day	500 / month	$39
Professional	200 / day	5,000 / month	$99
Enterprise	100,000 / day	1,000,000 / month	$299

About

ToolWeb.in — 200+ security APIs, CISSP & CISM certified, built for enterprise security practitioners.

Platforms: Pay-per-run · API Gateway · MCP Server · OpenClaw · RapidAPI · YouTube

Comments

Loading comments...