Traceroute Tool
PassAudited by VirusTotal on May 5, 2026.
Overview
Type: OpenClaw Skill Name: traceroute-tool Version: 1.0.0 The traceroute-tool is a straightforward wrapper for the system's native traceroute utility. The implementation in scripts/traceroute.py uses subprocess.run safely with a list of arguments, preventing shell injection, and the SKILL.md documentation accurately describes its network diagnostic purpose without any suspicious instructions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill can send diagnostic network traffic to external hosts and may reveal that the user's machine or network contacted those destinations.
The skill runs the local traceroute command against a user-supplied host, which is expected for network path diagnostics but still performs outbound network probing.
subprocess.run(['traceroute', host])
Use it only for hosts you are authorized to diagnose, and review the destination before allowing the agent to run it.
The skill may fail or behave differently depending on which traceroute implementation is installed locally.
The metadata does not declare any required binary, while the script relies on the system traceroute command. This is an installation/provenance clarity issue, not evidence of malicious behavior.
Required binaries (all must exist): none; Required binaries (at least one): none
Confirm that a trusted traceroute binary is installed on the system before using the skill.