Domain Name Checker
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill appears benign: it performs disclosed domain checks and optional OpenRouter-based brainstorming, with routine cautions about external calls, an optional API key, and Python dependencies.
This skill is reasonable to install if you want domain availability checks. Be aware that basic checks make DNS queries, brainstorming sends your description to OpenRouter and needs an API key, and running via uv/pip may install the declared Python dependencies.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill will run a local command and make DNS lookups for the domains the user asks it to check.
The skill invokes local DNS tooling with the requested domain as an argument. It uses an argument list rather than shell execution and is central to the domain-checking purpose.
subprocess.run(["dig", "+short", "+time=2", "+tries=1", domain, "A"], capture_output=True, text=True, timeout=timeout + 1)
Install only if you are comfortable with the assistant running this Python script for user-requested domain checks.
If brainstorming is used, the skill can consume the user's OpenRouter account quota or billing through the provided API key.
Brainstorm mode reads an OpenRouter API key from the environment and sends it only to the OpenRouter API endpoint. This is disclosed and purpose-aligned, but it is still credential use.
api_key = os.environ.get("OPENROUTER_API_KEY") ... headers={"Authorization": f"Bearer {api_key}", "Content-Type": "application/json"}Use a limited OpenRouter key if possible, and only set OPENROUTER_API_KEY when you want LLM brainstorming.
Project descriptions used for brainstorming may leave the local environment and be processed by OpenRouter and the selected model provider.
The user-provided brainstorm description is sent to OpenRouter for LLM-generated name ideas. This is expected for the feature but is an external provider data flow.
prompt = (f"Generate 10 short, memorable, brandable domain name base words (no TLD) for: {description}\n" ...); resp = httpx.post("https://openrouter.ai/api/v1/chat/completions", ...)Avoid putting confidential business plans, unreleased product details, or sensitive personal information in brainstorm prompts unless that external sharing is acceptable.
Using uv or pip may fetch third-party packages needed for formatting and OpenRouter calls.
The script declares unpinned Python package dependencies, and the README also describes installing them with uv or pip. This is normal for a Python utility but means dependency resolution may occur outside the reviewed files.
# dependencies = ["rich", "httpx"]
Install in a normal managed Python environment and review or pin dependencies if supply-chain control is important.