Back to skill
Skillv1.0.0
ClawScan security
DNS Lookup · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 4, 2026, 3:44 AM
- Verdict
- Benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's declared purpose (DNS lookups, reverse DNS, WHOIS, geoip) matches its instructions — it simply forwards domain/IP queries to an external HTTPS API and does not request extra credentials or installs — but it does transmit queries to a third-party service whose logging/privacy and ownership are not independently verified.
- Guidance
- This skill is coherent for DNS lookups but it sends every domain/IP you ask about to a third-party service (https://dns.agentutil.net). Before using it: (1) avoid sending internal or sensitive hostnames/IPs to the service; (2) verify the service's TLS certificate and ownership (homepage is provided but operator is otherwise unknown); (3) review any external privacy or logging policy the operator publishes — the 'no logging' claim is not verifiable from the SKILL.md; (4) consider using local tools (dig/host/whois) or a trusted resolver for confidential queries; and (5) be aware of rate limits and the advertised paid tier (billing via crypto) if you will make many queries.
Review Dimensions
- Purpose & Capability
- okName/description align with the runtime instructions: SKILL.md contains curl examples for DNS lookup, reverse DNS, RDAP WHOIS, and geoip against https://dns.agentutil.net, which is coherent with the stated functionality.
- Instruction Scope
- noteInstructions explicitly send domain names and IP addresses to an external API (https). This is expected for a remote DNS lookup service, but it means potentially sensitive hostnames/IPs are transmitted off-host. The SKILL.md claims the service 'does not store or log input' — that is an unverifiable assertion in the instructions and should be treated cautiously.
- Install Mechanism
- okNo install spec and no code files are present (instruction-only). This is low risk from an installation perspective — nothing is written to disk by an installer.
- Credentials
- okThe skill requires no environment variables or credentials and does not request unrelated secrets. The presence of a paid tier (crypto payment) is noted in SKILL.md but does not require credentials for the free tier; nonetheless, users should be aware the operator may have billing/usage tracking mechanisms (IP hashing, rate limits).
- Persistence & Privilege
- okalways is false and the skill does not request persistent system privileges or modify other skill/system configurations. Autonomous invocation is allowed by default but is not combined here with broad privileges.