Network Scanner

Review

Audited by ClawScan on May 10, 2026.

Overview

This looks like a real network-scanning tool, but it exposes broad stealth-capable scanning and a Discord wrapper that runs a hardcoded external script path, so it should be reviewed before use.

Install only if you need authorized network scanning. Before use, fix the hardcoded Discord wrapper path, confirm the code version/source, restrict targets to networks you own or have written permission to scan, and treat deep, proxy, stealth, and high-concurrency scans as high-impact actions requiring explicit approval.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent could be used to scan networks you do not control, potentially triggering abuse reports, IDS alerts, account restrictions, or service disruption.

Why it was flagged

The skill documents full-range scanning, stealth-oriented rate limiting, and proxy support. These are aligned with reconnaissance, but they are high-impact capabilities and are not bounded to authorized targets by the artifacts.

Skill content

`deep` | 1–65535 ... `--rate-delay` for stealth/stealth scanning ... `--proxy socks5://host:port`

Recommendation

Use explicit per-target approval, restrict scans to allowlisted CIDRs/domains, and make proxy, stealth, deep, and high-concurrency scans opt-in with clear warnings.

What this means

Using the Discord command could execute an unexpected local file rather than the scanner included with the skill package.

Why it was flagged

The Discord wrapper executes an absolute developer-local path instead of resolving the bundled scanner.py. If that path is stale, missing, or replaced, the wrapper may run code outside the reviewed installed artifact.

Skill content

SCRIPT_PATH = "/home/guy/.openclaw/workspace/apps/network-scanner/scanner.py" ... subprocess.run(cmd, capture_output=True, text=True, timeout=180)

Recommendation

Replace the hardcoded path with a path resolved relative to the wrapper file, and ensure the wrapper only runs the reviewed bundled scanner.

What this means

It is harder to verify which exact code version is being installed and run.

Why it was flagged

The documentation version does not match the registry version shown in metadata, and the install instructions reference a local workspace path rather than a pinned source or package install mechanism.

Skill content

**Version:** `1.2.0` ... `cp -r /home/guy/.openclaw/workspace/apps/network-scanner ~/.openclaw/skills/network-scanner`

Recommendation

Publish a consistent version, provide a normal install spec or repository URL, and remove developer-local path assumptions.