ClawHub

Exposure Sentinel

v1.0.0

Check if IP addresses are listed on the OpenClaw Exposure Watchboard (openclaw.allegro.earth). Use when you need to verify whether specific IPs are publicly...

0· 193·0 current·0 all-time
by@chenhaubin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the implementation: the Python script fetches pages from https://openclaw.allegro.earth and searches for the target IP(s). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to run the included script to scan the public site. The instructions do not ask the agent to read local files, environment variables, or transmit results to other endpoints. Note: the tool performs broad network requests (all pages on the site) which is consistent with the claimed full-site scan.
Install Mechanism
This is an instruction-only skill with no install spec. The bundled script depends on aiohttp (and Python 3.9+ annotations); the skill does not declare or install that dependency. That is not malicious but you should ensure the runtime has the required Python packages available.
Credentials
The skill requests no environment variables, credentials, or config paths. The lack of secrets is proportionate to a public-site scraping/checking tool.
Persistence & Privilege
The skill is not always-enabled and does not modify agent/system configuration. It does not request persistent privileges or autonomy beyond normal agent invocation.
Assessment
This skill appears to do what it says: run the included Python script to check the public OpenClaw Exposure Watchboard for IPs. Before installing/running, confirm you have a compatible Python environment and install aiohttp. Be aware the script aggressively fetches thousands of pages with 50 concurrent connections — that can generate significant traffic and could be considered abusive by the target site; consider lowering CONCURRENT_LIMIT or contacting the site owner, obey robots.txt and terms of service, and avoid running scans from sensitive networks. If you need more assurance, inspect the script yourself or run it from an isolated environment (rate-limit / proxy) to avoid accidental abuse.

Like a lobster shell, security has layers — review code before you run it.

latestvk975jmpdcwmyk9d4hpvtdxbn7d82pb2w

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments