Is johanski/shitty-email safe?

By design, every email received in the temporary inbox is stored on and served from the shitty.email infrastructure. The service operator has full visibility into email body content, including verification codes, password reset links, and any sensitive information senders include. Users relying on this for 'privacy' are trusting an unknown third party.

Filesystem and auditd events show sensitive credential files (.env, id_rsa, .aws/credentials, etc.) were opened at epoch 1771930000 (pre-clone honeypot creation) and 1771930017 (post-install integrity verification). All opens are CLOSE_NOWRITE (read-only) and the canary integrity check confirms no modifications. These accesses originate from the Oathe audit harness, not from any code in the skill.

The skill is designed to automate the creation of disposable inboxes and the extraction of verification codes. When combined with a browser-automation or form-filling skill, this pipeline can register accounts on third-party services at volume. The use case is benign when user-initiated, but the capability is dual-use.

The polling example in SKILL.md uses {token} (curly-brace substitution without dollar sign) for variable assignment, while the same line uses ${token} for expansion. This is a documentation bug that will cause a shell syntax error if the example is copy-pasted literally. It presents no security risk.

The skill contains only SKILL.md and _meta.json. No package.json, no install scripts, no git hooks, no submodules, no compiled binaries, no symlinks. The bash snippets in SKILL.md are documentation for the agent to interpret and execute on demand, not auto-executed during install.