ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Network Scan

v1.0.0

Scans specified network targets and ports using nmap with options for speed, timeout, host limits, and exclusions, returning detailed JSON results.

0· 571·3 current·4 all-time
by@apacheua
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The skill's name, SKILL.md and main.py all consistently implement network scanning with nmap. However, the registry metadata and SKILL.md do not declare the actual runtime dependency on the nmap binary and the python-nmap package (the code imports 'nmap' and checks for the nmap program). That missing dependency declaration is an incoherence: a network-scan tool reasonably needs nmap, but the package metadata/instructions do not request or document it.
Instruction Scope
SKILL.md instructs only to provide target and ports and returns JSON results; the code follows that scope and does not read other files or external config. It does allow scanning arbitrary IPs/ranges which can be misused or legally problematic if run without permission — this is expected for a scanner but worth highlighting.
!
Install Mechanism
There is no install spec but the runtime requires the nmap program and the python 'nmap' module. Without an install step or clear documentation, users may run this in environments missing these dependencies. The code does not fetch remote code or use suspicious external URLs, so the install risk is about missing/undeclared requirements rather than malicious downloads.
Credentials
The skill requests no environment variables or credentials (appropriate). However, network scanning itself is a sensitive capability: consider whether autonomous scans are permitted for target networks and whether scans could trigger IDS/IPS or legal issues. No env vars are requested or accessed by the code.
Persistence & Privilege
The skill does not request persistent/always-on privileges, does not modify other skills or system configuration, and is user-invocable only. Autonomous invocation is allowed by platform default but not escalated by this skill's metadata.
What to consider before installing
This skill implements nmap-based network scanning and the code matches that purpose, but it fails to declare that it needs the nmap binary and the python 'nmap' library. Before installing or using: (1) ensure you have permission to scan the target networks (unauthorized scanning can be illegal or disruptive); (2) install nmap on the host and the python-nmap package, or the tool will return an error; (3) consider testing locally on a lab network first; (4) review the code (it does not exfiltrate data or call external endpoints), but note the unused 'subprocess' import and the skill will produce the exact nmap command line it runs — verify that output if you need auditability; (5) if you want clearer safety, ask the publisher to add an install spec and explicit documentation of the nmap/python-nmap requirements and to limit autonomous invocation or add usage constraints.

Like a lobster shell, security has layers — review code before you run it.

latestvk97d4ch8escj09dr3zbd6zh0a581p0gw

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments