ClawHub

IP Threat Check

v1.0.0

Check IP address threat intelligence. Query multiple sources for IP reputation, geolocation, and threat scores.

0· 76·0 current·0 all-time
by@freeter226
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (IP threat checks) align with required binaries (python3), the single environment variable (ABUSEIPDB_API_KEY) and the included script. The script queries ip-api.com and AbuseIPDB, which is coherent with the stated purpose.
Instruction Scope
Runtime instructions are scoped to running the included Python script and supplying an IP or file of IPs. The script performs only network queries to ip-api.com and api.abuseipdb.com and reads a user-provided file for bulk mode. Minor issues: SKILL.md mentions VirusTotal as an optional source but the included script does not call VirusTotal; SKILL.md metadata lists ABUSEIPDB_API_KEY as required while the script treats it as optional (skips AbuseIPDB if not set).
Install Mechanism
There is no install spec (instruction-only with an included script). No external packages are downloaded or executed during install; the only runtime requirement is python3 which is reasonable for a Python script.
Credentials
Only ABUSEIPDB_API_KEY is referenced. This is proportionate to accessing AbuseIPDB. However, registry/metadata and SKILL.md differ about whether that variable is required or optional; the code treats it as optional. No other credentials or unrelated secrets are requested.
Persistence & Privilege
The skill does not request persistent or elevated privileges, does not set always:true, and does not modify other skills or system configuration. It runs only when invoked.
Assessment
This skill appears to do what it says: run the included Python script to query ip-api.com (free) and AbuseIPDB (if you set ABUSEIPDB_API_KEY). Before installing, consider: (1) providing an AbuseIPDB key will send queried IPs to that third party — do not submit private/internal addresses you don't want disclosed; (2) the metadata/README disagree about whether the key is required — the script will simply skip AbuseIPDB if no key is present; (3) SKILL.md mentions VirusTotal but the script does not use it; (4) outbound HTTP(S) calls will be made to ip-api.com and api.abuseipdb.com and may be rate-limited. If you need the skill to use additional sources (e.g., VirusTotal) or to avoid sending certain IP ranges, review/modify the included script before use.

Like a lobster shell, security has layers — review code before you run it.

latestvk970t2yb5pr9qs3gfp0kpydbbx83dpb8

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔍 Clawdis
Binspython3
EnvABUSEIPDB_API_KEY

Comments