Network Scanner
Pass
Audited by VirusTotal on May 10, 2026.
Overview
Type: OpenClaw Skill
Name: edgeiq-network-scanner-v2
Version: 1.2.0

The bundle provides a network reconnaissance tool with capabilities for host discovery, port scanning, service fingerprinting, and CVE matching (scanner.py). While the code is well-structured and its behavior is consistent with the stated purpose in SKILL.md, it provides high-risk capabilities (reconnaissance and vulnerability detection) that could be used for unauthorized activities. It includes licensing logic (edgeiq_licensing.py) and a Discord wrapper (discord_network_command.py) that uses subprocess to execute the scanner. No evidence of intentional malice, such as data exfiltration or backdoors, was found.

IOC: edgeiqlabs.com.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Scanning the wrong target can disrupt services, trigger security alerts, or create legal exposure.
The skill exposes broad/deep network scan options plus proxy and rate-limiting controls. This is central to a network scanner and disclosed, but it can be misused against unauthorized networks.
Port Scanning — ... deep (1–65535) ... Rate Limiting — `--rate-delay` for stealth/stealth scanning ... Proxy Support
Use only on networks you own or have explicit written permission to test; set target ranges, port ranges, and concurrency deliberately.
If wired to a Discord bot without external permissions, Discord users could trigger scans or view scan reports.
The Discord wrapper turns a chat command argument into a scan target and returns scan output. Access control and channel restrictions are not implemented in this wrapper.
cmd = ["python3", SCRIPT_PATH, target, "--format", "discord", "--depth", depth]
Restrict Discord access to trusted users and authorized targets, and log or review scan requests.
The Discord command may fail or may execute a different local scanner.py than the one the user reviewed.
The wrapper uses an absolute local path instead of resolving scanner.py from the installed skill directory, creating portability and provenance ambiguity.
SCRIPT_PATH = "/home/guy/.openclaw/workspace/apps/network-scanner/scanner.py"
Change the wrapper to resolve scanner.py relative to its own file and verify the installed code before deployment.
Invoking the wrapper runs local scanning code and consumes network/system resources.
The wrapper spawns a local Python subprocess. It uses a no-shell argument list and timeouts, so this is expected for running the scanner, but it is still local command execution.
result = subprocess.run(cmd, capture_output=True, text=True, timeout=180)
Keep the no-shell invocation, validate inputs, and deploy only where local command execution is intended.
