一键导入
agentmail
Email infrastructure for AI agents. Create accounts, send/receive emails, manage webhooks, and check karma balance via the AgentMail API.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Email infrastructure for AI agents. Create accounts, send/receive emails, manage webhooks, and check karma balance via the AgentMail API.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
基于 SOC 职业分类
Use this skill to write and execute robust AI-powered end-to-end (E2E) tests for the web application using Playwright and Zerostep.
Codebase intelligence for JavaScript and TypeScript. Free static layer reports quality, changed-code risk, cleanup opportunities (unused files, exports, types, dependencies), code duplication, circular dependencies, complexity hotspots, architecture boundary violations, feature flag patterns, and opt-in security candidates. Runtime coverage merges production execution data into the same health report for hot-path review, cold-path deletion confidence, and stale-flag evidence, with a single local capture available by default and continuous/cloud runtime monitoring available as an optional mode. 118 framework plugins, zero configuration, sub-second static analysis. Use when asked to analyze code health, audit PR risk, find cleanup opportunities or unused code, detect duplicates, check circular dependencies, audit complexity, check architecture boundaries, detect feature flags, surface security candidates, clean up the codebase, auto-fix issues, merge runtime coverage, or run fallow.
Persistent per-project memory for Claude Code. Auto-loads project context on session start, tracks sessions with git activity, and writes to native memory. Commands run deterministic Node.js scripts — behavior is consistent across model versions.
Arquitecto de Soluciones Principal y Consultor Tecnológico de Andru.ia. Diagnostica y traza la hoja de ruta óptima para proyectos de IA en español.
Security audit, hardening, threat modeling (STRIDE/PASTA), Red/Blue Team, OWASP checks, code review, incident response, and infrastructure security for any project.
Ingeniero de Sistemas de Andru.ia. Diseña, redacta y despliega nuevas habilidades (skills) dentro del repositorio siguiendo el Estándar de Diamante.
| name | agentmail |
| description | Email infrastructure for AI agents. Create accounts, send/receive emails, manage webhooks, and check karma balance via the AgentMail API. |
| risk | safe |
| source | community |
AgentMail gives AI agents real email addresses (@theagentmail.net) with a REST API. Agents can send and receive email, sign up for services (GitHub, AWS, Slack, etc.), and get verification codes. A karma system prevents spam and keeps the shared domain's reputation high.
Base URL: https://api.theagentmail.net
All requests require Authorization: Bearer am_... header (API key from dashboard).
curl -X POST https://api.theagentmail.net/v1/accounts \
-H "Authorization: Bearer am_..." \
-H "Content-Type: application/json" \
-d '{"address": "my-agent@theagentmail.net"}'
Response: {"data": {"id": "...", "address": "my-agent@theagentmail.net", "displayName": null, "createdAt": 123}}
curl -X POST https://api.theagentmail.net/v1/accounts/{accountId}/messages \
-H "Authorization: Bearer am_..." \
-H "Content-Type: application/json" \
-d '{
"to": ["recipient@example.com"],
"subject": "Hello from my agent",
"text": "Plain text body",
"html": "<p>Optional HTML body</p>"
}'
Optional fields: cc, bcc (string arrays), inReplyTo, references (strings for threading), attachments (array of {filename, contentType, content} where content is base64).
# List messages
curl https://api.theagentmail.net/v1/accounts/{accountId}/messages \
-H "Authorization: Bearer am_..."
# Get full message (with body and attachments)
curl https://api.theagentmail.net/v1/accounts/{accountId}/messages/{messageId} \
-H "Authorization: Bearer am_..."
curl https://api.theagentmail.net/v1/karma \
-H "Authorization: Bearer am_..."
Response: {"data": {"balance": 90, "events": [...]}}
curl -X POST https://api.theagentmail.net/v1/accounts/{accountId}/webhooks \
-H "Authorization: Bearer am_..." \
-H "Content-Type: application/json" \
-d '{"url": "https://my-agent.example.com/inbox"}'
Webhook deliveries include two security headers:
X-AgentMail-Signature -- HMAC-SHA256 hex digest of the request body, signed with the webhook secretX-AgentMail-Timestamp -- millisecond timestamp of when the delivery was sentVerify the signature and reject requests with timestamps older than 5 minutes to prevent replay attacks:
import { createHmac } from 'crypto';
const verifyWebhook = (body: string, signature: string, timestamp: string, secret: string) => {
if (Date.now() - Number(timestamp) > 5 * 60 * 1000) return false;
return createHmac('sha256', secret).update(body).digest('hex') === signature;
};
curl https://api.theagentmail.net/v1/accounts/{accountId}/messages/{messageId}/attachments/{attachmentId} \
-H "Authorization: Bearer am_..."
Returns {"data": {"url": "https://signed-download-url..."}}.
| Method | Path | Description | Karma |
|---|---|---|---|
| POST | /v1/accounts | Create email account | -10 |
| GET | /v1/accounts | List all accounts | |
| GET | /v1/accounts/:id | Get account details | |
| DELETE | /v1/accounts/:id | Delete account | +10 |
| POST | /v1/accounts/:id/messages | Send email | -1 |
| GET | /v1/accounts/:id/messages | List messages | |
| GET | /v1/accounts/:id/messages/:msgId | Get full message | |
| GET | /v1/accounts/:id/messages/:msgId/attachments/:attId | Get attachment URL | |
| POST | /v1/accounts/:id/webhooks | Register webhook | |
| GET | /v1/accounts/:id/webhooks | List webhooks | |
| DELETE | /v1/accounts/:id/webhooks/:whId | Delete webhook | |
| GET | /v1/karma | Get balance + events |
Every action has a karma cost or reward:
| Event | Karma | Why |
|---|---|---|
money_paid | +100 | Purchase credits |
email_received | +2 | Someone replied from a trusted domain |
account_deleted | +10 | Karma refunded when you delete an address |
email_sent | -1 | Sending costs karma |
account_created | -10 | Creating addresses costs karma |
Important rules:
When karma reaches 0, sends and account creation return HTTP 402. Always check balance before operations that cost karma.
import { createClient } from '@agentmail/sdk';
const mail = createClient({ apiKey: 'am_...' });
// Create account
const account = await mail.accounts.create({
address: 'my-agent@theagentmail.net',
});
// Send email
await mail.messages.send(account.id, {
to: ['human@example.com'],
subject: 'Hello',
text: 'Sent by an AI agent.',
});
// Read inbox
const messages = await mail.messages.list(account.id);
const detail = await mail.messages.get(account.id, messages[0].id);
// Attachments
const att = await mail.attachments.getUrl(accountId, messageId, attachmentId);
// att.url is a signed download URL
// Webhooks
await mail.webhooks.create(account.id, {
url: 'https://my-agent.example.com/inbox',
});
// Karma
const karma = await mail.karma.getBalance();
console.log(karma.balance);
import { AgentMailError } from '@agentmail/sdk';
try {
await mail.messages.send(accountId, { to: ['a@b.com'], subject: 'Hi', text: 'Hey' });
} catch (e) {
if (e instanceof AgentMailError) {
console.log(e.status); // 402, 404, 401, etc.
console.log(e.code); // "INSUFFICIENT_KARMA", "NOT_FOUND", etc.
console.log(e.message);
}
}
const account = await mail.accounts.create({
address: 'signup-bot@theagentmail.net',
});
// Use the address to sign up (browser automation, API, etc.)
// Poll for verification email
for (let i = 0; i < 30; i++) {
const messages = await mail.messages.list(account.id);
const verification = messages.find(
(m) => m.subject.toLowerCase().includes('verify') || m.subject.toLowerCase().includes('confirm')
);
if (verification) {
const detail = await mail.messages.get(account.id, verification.id);
// Parse verification link/code from detail.bodyText or detail.bodyHtml
break;
}
await new Promise((r) => setTimeout(r, 2000));
}
const sent = await mail.messages.send(account.id, {
to: ['human@company.com'],
subject: 'Question about order #12345',
text: 'Can you check the status?',
});
for (let i = 0; i < 60; i++) {
const messages = await mail.messages.list(account.id);
const reply = messages.find((m) => m.direction === 'inbound' && m.timestamp > sent.timestamp);
if (reply) {
const detail = await mail.messages.get(account.id, reply.id);
// Process reply
break;
}
await new Promise((r) => setTimeout(r, 5000));
}
type Account = { id: string; address: string; displayName: string | null; createdAt: number };
type Message = {
id: string;
from: string;
to: string[];
subject: string;
direction: 'inbound' | 'outbound';
status: string;
timestamp: number;
};
type MessageDetail = Message & {
cc: string[] | null;
bcc: string[] | null;
bodyText: string | null;
bodyHtml: string | null;
inReplyTo: string | null;
references: string | null;
attachments: AttachmentMeta[];
};
type AttachmentMeta = { id: string; filename: string; contentType: string; size: number };
type KarmaBalance = { balance: number; events: KarmaEvent[] };
type KarmaEvent = {
id: string;
type: string;
amount: number;
timestamp: number;
metadata?: Record<string, unknown>;
};