SpamHole
April 30, 2026 · View on GitHub
Claude Code plugin for AI-assisted defenses against the kind of spam that keyword filters miss — pseudo-personalised wide-scrape outreach, AI-faked "I care" impersonation, and tracking-pixel surveillance.
The premise: traditional spam filtering looks at infrastructure (DKIM, SPF, sender reputation). The new wave of spam passes all of that. It's commercial scraped-list outreach with valid auth, real domains, and AI-generated pseudo-personalisation that pretends to engage with you. The signal is in the intent, not the headers — exactly the kind of thing an LLM is well-suited to reason about.
SpamHole is a personal-corpus tool. You feed it the spam that bothers you, it learns the patterns, and it helps you tune filters, push DNS-level blocks, and (optionally) contribute findings to public anti-tracking lists.
What it does
| Skill | Purpose |
|---|---|
setup-corpus | First-run scaffolding — creates the user's per-machine spam corpus and seeds inventory files |
capture-spam-sample | Lightweight capture flow — save one annoying email, get a filter pattern + system-prompt tuning suggestion + optional unsubscribe reply |
analyse-email | Heavier forensic pipeline — full SSA, tracking detection, markdown report |
bulk-analyse | Run analyse-email over every queued .eml |
scan-tracking-pixels | Surgical pixel scan on one email |
scan-recent-pixels | Bulk pixel sweep across recent inbox messages — reconnaissance |
tracking-report | Read-only summary of accumulated tracker inventory |
block-sender | Server-side Gmail filter via an email MCP, with local-only fallback |
draft-unsubscribe-reply | Compose (and optionally send) a manual unsubscribe-request reply |
export-dns-blocklist | Materialise inventory as Pi-hole / AdGuard / hosts / dnsmasq / unbound |
adguard-configure | One-time setup for AdGuard Home integration |
adguard-push | Push the corpus's tracker domains directly into AdGuard Home (network-wide block) |
contribute-blocklist | Sanitise and prepare a PR-ready contribution to public anti-tracking lists (EasyPrivacy, hagezi, oisd, AdGuard) |
Bundled MCP
mcp/adguard-home/ ships a minimal stdio MCP server wrapping the AdGuard Home REST API. Optional — the adguard-* skills can also drive AdGuard Home directly via HTTP.
Companion plugins
- Google-Workspace-Plugin — provides the email MCP (
gws-personal/gws-business) thatcapture-spam-sample,block-sender,draft-unsubscribe-reply, andscan-recent-pixelsuse to read messages and create Gmail filters. - op-vault — recommended for storing AdGuard Home credentials.
Where data lives
By default, your corpus lives at ${CLAUDE_USER_DATA:-~/.local/share/claude}/spamhole/corpus/. You can override via setup-corpus — many users will want to point it at a private GitHub repo so the corpus is backed up and versioned.
The plugin itself never reads or writes user data outside the configured corpus path.
Privacy
- Raw
.emlfiles often contain personal identifiers (recipient address embedded in tracking links, internal references). Default to keeping the corpus local and private. contribute-blockliststrips per-recipient identifiers, sender display names, subject lines, and full URLs before exporting — only domain-level data leaves the corpus.- 1Password integration (via the
op-vaultplugin) is recommended for any credentials this plugin handles.
Installation
claude plugins install spamhole@danielrosehill
Why "SpamHole"
The corpus is the hole you toss the spam into. SpamHole is also a deliberate riff on Pi-hole — the spiritual cousin of this plugin at the network layer. SpamHole + Pi-hole / AdGuard Home is the pairing.
Status
v0.1 — converted from the earlier Claude-Spam-Processor workspace template. Skills work; the AdGuard Home MCP is a minimal stub that covers the surface the skills need. Expect breaking changes before v1.0.
License
MIT — see LICENSE.