DNS & Networking
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: dns-networking
Version: 1.0.0
The skill bundle provides extensive shell commands for network and DNS diagnostics, including `sudo` commands for system-level configuration like firewall management (`iptables`, `ufw`) and DNS cache flushing. While these capabilities are plausibly needed for the stated purpose of network debugging, they represent a broad range of high-risk operations (shell, network, file access, elevated privileges) without clear malicious intent. No evidence of prompt injection against the agent, data exfiltration, or malicious execution was found in SKILL.md.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the privileged firewall examples could open ports or otherwise change the machine's security posture.
This example requires elevated privileges and changes inbound firewall behavior. That is relevant to firewall debugging, but it can expose local services if run carelessly.
`sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT`
Only run privileged firewall commands after confirming the target host, port, and intended effect, and keep a clear rollback plan.
Incorrect hosts-file entries could redirect or break traffic for every program on the local system.
The guide explains local hosts-file overrides, which can immediately affect all name resolution on the machine. This is purpose-aligned for DNS troubleshooting, but mistakes can impact unrelated applications.
`# /etc/hosts — local DNS overrides (no TTL, instant)`
Use hosts-file overrides narrowly, document temporary changes, and remove them after testing.
Using this pattern for real sensitive traffic could hide certificate problems or make interception easier.
The guide includes a curl option that disables certificate verification. It is explicitly framed as 'debugging only,' so it is purpose-aligned, but unsafe outside controlled troubleshooting.
`curl -k https://self-signed.example.com`
Use certificate-verification bypass only for temporary diagnostics and avoid it for production or sensitive requests.
