{"id":"khast3x-h8mail","name":"h8mail","af_score":33.8,"security_score":43.5,"reliability_score":27.5,"what_it_does":"h8mail is a Python CLI tool for email OSINT and “breach hunting” style lookup. It matches email patterns from inputs/files/URLs, searches local breach datasets (e.g., BreachCompilation / Collection1-style dumps), and can query multiple third-party breach/recon services (including HaveIBeenPwned and others) for related emails, cleartext credentials, and/or password/hash intelligence depending on the provider and API keys.","best_when":"You have explicit authorization and a legitimate OSINT/research workflow, and you want a consolidated CLI for local breach-dataset searching plus optional lookups against provider APIs.","avoid_when":"You do not have permission to process personal data/credentials, or you need a strictly documented/contracted API interface for programmatic agent use (this is a CLI tool with mixed external dependencies).","last_evaluated":"2026-03-29T14:58:58.496969+00:00","has_mcp":false,"has_api":false,"auth_methods":["API keys via config file (e.g., h8mail_config.ini) and/or CLI -k/--apikey K=V,K=V style","Optional premium/private service keys for certain providers"],"has_free_tier":false,"known_gotchas":["No MCP/REST interface—agent integration must shell out to the CLI and parse CSV/JSON outputs.","Mixed provider integrations with differing rate limits, formats, and auth requirements are likely handled internally, but retry/rate-limit handling guidance is not present in the README.","Passing secrets via CLI flags may expose them in process listings/shell history."],"error_quality":0.0}