How is the token used?

The token identifies your inbox session and must be sent in the X-Session-Token header for all operations.

How long does an inbox stay open?

Inboxes default to 1 hour and can be extended up to 24 hours total.

Can I send emails from this inbox?

No. Shitty Email supports receiving emails only.

Shitty Email

@johanski

npx machina-cli add skill @johanski/shitty-email --openclaw

Files (1)

SKILL.md

3.9 KB

Shitty Email - Temporary Inbox Skill

Create disposable email addresses instantly. Perfect for signups, testing, and privacy.

When to Use This Skill

Use this skill when the user needs to:

Create a temporary/disposable email address
Sign up for a service without using their real email
Test email sending functionality
Wait for a verification or confirmation email
Extract codes or links from emails

Important: Token Management

When you create an inbox, you receive a token. This token is required for ALL subsequent operations. Always store and reuse the token for the same inbox session.

API Reference

Base URL: https://shitty.email

Create a New Inbox

curl -s -X POST https://shitty.email/api/inbox | jq

Response:

{
  "email": "abc1234@shitty.email",
  "token": "a1b2c3d4e5f6..."
}

Store both the email and token - you need the token for all other operations.

Check Inbox for Emails

curl -s -H "X-Session-Token: {token}" https://shitty.email/api/inbox | jq

Response:

{
  "emails": [
    {
      "id": "msg_a1b2c3d4e5",
      "from": "sender@example.com",
      "subject": "Welcome!",
      "date": "2026-02-03T12:00:00Z"
    }
  ]
}

Get Full Email Content

Use the id field from the inbox response (e.g. msg_a1b2c3d4e5). This is NOT the email address.

curl -s -H "X-Session-Token: {token}" https://shitty.email/api/email/{email_id} | jq

Response includes html and text fields with the email body.

Extend Inbox Lifetime

Inboxes expire after 1 hour by default. Extend by 1 hour (max 24 hours total):

curl -s -X POST -H "X-Session-Token: {token}" https://shitty.email/api/inbox/extend | jq

Delete Inbox

Clean up when done:

curl -s -X DELETE -H "X-Session-Token: {token}" https://shitty.email/api/inbox

Common Workflows

Wait for a Verification Email

Poll the inbox until an email matching criteria arrives:

# Create inbox
RESPONSE=$(curl -s -X POST https://shitty.email/api/inbox)
EMAIL=$(echo $RESPONSE | jq -r '.email')
{token}=$(echo $RESPONSE | jq -r '.token')

# Poll for emails (check every 5 seconds, max 60 seconds)
for i in {1..12}; do
  EMAILS=$(curl -s -H "X-Session-Token: ${token}" https://shitty.email/api/inbox)
  COUNT=$(echo $EMAILS | jq '.emails | length')
  if [ "$COUNT" -gt "0" ]; then
    echo "Email received!"
    echo $EMAILS | jq '.emails[0]'
    break
  fi
  sleep 5
done

Extract Verification Code

After receiving an email, extract common verification patterns:

# Get email content
CONTENT=$(curl -s -H "X-Session-Token: ${token}" https://shitty.email/api/email/${email_id} | jq -r '.text')

# Common patterns to look for:
# - 6-digit codes: grep -oE '[0-9]{6}'
# - Verification links: grep -oE 'https?://[^ ]+verify[^ ]*'

Best Practices

Reuse tokens - Don't create new inboxes unnecessarily
Poll responsibly - Wait 5 seconds between checks
Clean up - Delete inbox when done to free resources
Extend if needed - If waiting for slow emails, extend the inbox

Limitations

Inboxes expire after 1 hour (extendable to 24 hours max)
Email size limit: 1MB
Rate limited: Don't spam inbox creation
No outbound email - receive only

Example Conversation

User: "Create a temp email for me" → Call POST /api/inbox, return the email address, store the token

User: "Sign me up for newsletter.example.com" → Use the temp email to fill the signup form, then poll for confirmation

User: "Did I get the confirmation?" → Check inbox using stored token, report results

User: "What's the verification code?" → Fetch email content, extract the code pattern, return it

User: "I'm done, delete the inbox" → Call DELETE /api/inbox with the token

Source

git clone https://clawhub.ai/johanski/shitty-emailView on GitHub

Overview

Shitty Email creates disposable inboxes instantly and provides a session token to manage them. You can sign up without exposing your real address, wait for verification emails, and extract codes or links from received messages. Tokens must be stored and reused for all subsequent operations in the same session.

How This Skill Works

Create an inbox with a POST to /api/inbox to receive an email address and a token. Use the token in the X-Session-Token header for all actions (check inbox, fetch email, extend, delete). Inboxes expire after 1 hour by default and can be extended up to 24 hours.

When to Use It

Create a temporary/disposable email address for signups
Sign up for a service without using a real email
Test email sending functionality
Wait for a verification or confirmation email
Extract codes or links from received emails

Quick Start

Step 1: Create a new inbox: POST https://shitty.email/api/inbox and save the email and token
Step 2: Check for new emails using the token: curl -s -H "X-Session-Token: {token}" https://shitty.email/api/inbox | jq
Step 3: When finished, delete the inbox: curl -s -X DELETE -H "X-Session-Token: {token}" https://shitty.email/api/inbox

Best Practices

Reuse tokens for the same inbox session to avoid unnecessary inbox creation
Poll responsibly by checking every 5 seconds or as needed
Clean up by deleting the inbox when you're done
Extend the inbox lifetime if you anticipate slow emails
Store both the email address and token securely for later use

Example Use Cases

Create a temp email and sign up for a service without exposing your real address
Wait for a verification email after signing up and check for the confirmation
Fetch a 6-digit verification code from the received email content
Extend the inbox by an hour to catch a delayed message
Delete the inbox after completing the workflow

Frequently Asked Questions

Add this skill to your agents