ClawHub

Domains

Register, manage, and protect domain names with practical DNS and security guidance.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
2 · 695 · 0 current installs · 0 all-time installs
byIván@ivangdavila
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name and description match the SKILL.md content: practical domain registration, DNS, transfer, and security guidance. Nothing in the manifest asks for unrelated capabilities or secrets.
Instruction Scope
SKILL.md contains only advisory guidance (no shell commands, no file paths, no env var access, no external endpoints). Instructions stay within the stated purpose and do not direct the agent to collect or transmit user data.
Install Mechanism
No install spec and no code files — lowest-risk model. Nothing will be written to disk or fetched at install time.
Credentials
The skill declares no environment variables, credentials, or config paths. That aligns with an advisory/reference skill that doesn't need access to external services or secrets.
Persistence & Privilege
always is false and the skill is user-invocable (normal defaults). It does not request permanent presence or modification of other skills or system settings.
Assessment
This skill is low-risk: it's a read-only set of domain/DNS best practices and asks for nothing sensitive. Before installing, note that (1) the guidance is general — verify registrar-specific rules and prices before acting, (2) the skill can be invoked autonomously by the agent (default), but its instructions do not perform network calls or access credentials, and (3) do not provide account credentials or auth/EPP codes to any skill or agent; perform sensitive actions (transfers, renewals, credential changes) directly through your registrar's website or trusted interfaces. If you need automation that performs registrar API calls, prefer a skill that explicitly lists required API credentials and uses reputable APIs/clients.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk97ey2t6xggqyrb14tn28fwe4n80xeps

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
OSLinux · macOS · Windows

SKILL.md

Domain Management Rules

Before Registration

  • Check availability on the registrar directly — WHOIS lookups from third parties can trigger front-running (someone registers it before you)
  • Search for the domain name + "scam" or "controversy" — previous owners leave reputation baggage
  • Verify trademark conflicts before investing in branding — legal disputes are expensive

Choosing Extensions

  • .com still has highest trust for general audiences — alternatives work but require more brand building
  • Country TLDs (.co.uk, .de) rank better in local search — use them for geo-targeted businesses
  • New TLDs (.io, .ai, .dev) work for tech audiences but confuse mainstream users
  • Premium domains have recurring premium renewal fees, not just higher initial cost — check yearly price

Registration Practices

  • Enable auto-renewal immediately — domains lost to expiration get scooped by squatters within hours
  • Buy WHOIS privacy — public registration data leads to endless spam and social engineering attempts
  • Register for multiple years if the domain is important — shows search engines you're serious
  • Use a dedicated email for registrar accounts — losing access to that email means losing the domain

DNS Fundamentals

  • DNS changes take 24-48 hours to fully propagate — plan migrations accordingly
  • TTL (Time To Live) should be lowered before migrations, raised after — low TTL during normal operation wastes resources
  • A records point to IP addresses, CNAME points to another domain — never CNAME the root domain
  • MX records for email are separate from web hosting — moving hosts doesn't require changing email if MX stays

Security

  • Enable registrar lock (clientTransferProhibited) — prevents unauthorized transfers
  • DNSSEC adds cryptographic verification — worth enabling but breaks if misconfigured
  • Two-factor on registrar account is mandatory — domain hijacking is common attack vector
  • Authorization/EPP code is the password for transfers — treat it like a credential

Transfers

  • 60-day lock after registration or previous transfer — plan ahead, can't transfer immediately
  • Transfers extend registration by one year — not wasted money
  • Unlock domain and get auth code before initiating — missing either blocks the transfer
  • Some TLDs have special transfer rules — .uk, .de, and others differ from standard process

Expiration

  • Grace period (usually 30 days) allows renewal at normal price — but risky, site goes down
  • Redemption period costs 10-20x normal renewal — expensive mistake
  • After redemption, domain goes to auction or open registration — you've lost it
  • Expired domains with backlinks get bought by spammers — protect your brand's domains even if unused

Multi-Domain Strategy

  • Register common misspellings and redirect — typosquatters will otherwise profit from your traffic
  • Consider .com + main country TLD at minimum — others only if brand is valuable
  • Subdomains are free and instant — don't buy domains for every project, use subdomains for experiments
  • Consolidate domains at one registrar — easier management, less credential sprawl

Common Mistakes

  • Registering through web host instead of dedicated registrar — harder to move later, often more expensive
  • Letting domains expire assuming no one cares — competitors and squatters monitor expirations
  • Using registrar's free email forwarding for critical accounts — tied to domain renewal, single point of failure
  • Not documenting which domains exist where — large organizations lose track and lose domains

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…