HomeNetworkSecurityAgent

Security checks across malware telemetry and agentic risk

Overview

This is a transparent nmap-based home network scanner. Users should scan only networks and IP addresses they are authorized to test, and should note that the skill contacts ifconfig.me to learn the public IP.

This skill appears coherent and purpose-aligned for auditing a home network. Before installing or using it, make sure nmap is installed from a trusted source, run scans only on devices and public IPs you own or have permission to test, and be aware that the public-IP lookup uses ifconfig.me.

VirusTotal

66/66 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Low
What this means

If pointed at the wrong public IP, the skill could send intrusive scan traffic to a third party or trigger network/provider alerts.

Why it was flagged

The deep scan path runs nmap service detection against every TCP port on a caller-supplied IP address. This is aligned with the network-audit purpose, but should only be used on authorized targets.

Skill content
cmd = ['nmap', '-p-', '-sV', '-T4', ip_address]
Recommendation

Confirm the target IP belongs to the user or is explicitly authorized before running scans, especially deep scans.

ASI07: Insecure Inter-Agent Communication
Info
What this means

The public-IP lookup discloses the user's public network address to ifconfig.me.

Why it was flagged

The skill uses an external service to determine the network's public IP. This is purpose-aligned, but the external service will see the request and the user's public IP.

Skill content
pub_ip = requests.get('https://ifconfig.me/ip', timeout=5).text.strip()
Recommendation

Use the public-IP lookup only if comfortable with that external request, or replace it with a preferred trusted endpoint.