ClawHub

IP归属地信息查询

v0.1.1

IP地址归属地查询。查询指定IPv4地址的归属信息,包括国家、省份、城市、运营商(ISP)。使用场景:用户说"查一下这个IP"、"这个IP是哪里的"、"帮我查IP归属地"、"XX.XX.XX.XX是哪个城市"、"这个IP是什么运营商"、"批量查询这些IP"等。通过聚合数据(juhe.cn)API实时查询,支持单个...

1· 132·0 current·0 all-time
byJenius.cn@jenius-cn·duplicate of juhe-ip-lookup
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description, declared requirements (python3 and JUHE_IP_KEY), SKILL.md and the included Python script all align: the code calls juhe.cn's IP lookup API, handles private/IPv6 checks, and formats output. Required items are proportionate to the stated purpose.
!
Instruction Scope
The runtime instructions and script are narrowly scoped to extracting IPv4 addresses and calling the juhe API. However there is a mismatch: SKILL.md shows an HTTPS example (https://apis.juhe.cn/...), but the script uses http://apis.juhe.cn/ip/ipNewV3 (plain HTTP). Sending the API key over HTTP can expose the key in transit; this is a security/configuration concern rather than misdirection.
Install Mechanism
No install spec; code is instruction-only plus one small Python script. Nothing is downloaded or extracted by the skill itself, so there's no high-risk install behavior.
Credentials
Only JUHE_IP_KEY is required (declared as primaryEnv), which is appropriate for this API client. Note the script reads an optional scripts/.env file and environment variable; storing the key in plaintext there is convenient but carries local-storage risk. The HTTP endpoint used by the script increases risk of key exposure in transit.
Persistence & Privilege
always is false and the skill does not request persistent system-wide privileges or modify other skills. Autonomous invocation is allowed by default (normal for skills) and not combined here with broad credential access.
Assessment
This skill is internally consistent and implements the advertised juhe.cn IP-geo lookup. Before installing: (1) prefer using HTTPS — update the script to use https://apis.juhe.cn/ip/ipNewV3 to avoid exposing your JUHE_IP_KEY in transit; (2) be careful where you store the API key (environment variable is recommended over a plaintext scripts/.env file); (3) understand that queried IPs and your API key are sent to juhe.cn (check their privacy/TOS); (4) the free tier has daily limits (described in SKILL.md); and (5) if you need stricter security, verify TLS usage and consider restricting the key's scope (if supported) or rotating the key regularly.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bh9r0gz28p20tzkv203114d83gaf4

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🌐 Clawdis
Binspython3
EnvJUHE_IP_KEY
Primary envJUHE_IP_KEY

Comments