ClawHub

Ssl Certcheck

v1.0.0

Check SSL/TLS certificates for any hostname — expiry dates, issuer, SANs, protocol version, cipher suite. Use when asked to check if a certificate is valid,...

0· 77·1 current·1 all-time
by@rogue-agent1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included Python scripts which open an SSL socket to a hostname, read the peer certificate, and report expiry, SANs, issuer, protocol, and cipher. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md and README only instruct running the bundled Python script against user-supplied hostnames/ports and printing JSON or human-readable output. The runtime instructions do not read other files, environment variables, or external endpoints beyond the TLS connection to the target host.
Install Mechanism
No install spec is provided (scripts are bundled). Execution relies on system python3 and the included files. The code is plain Python using stdlib ssl/socket — there are no downloads or obscure install steps.
Credentials
The skill requests no environment variables, secrets, or credentials. The script only uses network access to the hostnames the user supplies, which is appropriate for the stated purpose.
Persistence & Privilege
always is false and the skill does not persist configuration; however, it makes outbound network connections to arbitrary hosts supplied by the agent. If you allow autonomous invocation, the agent could be instructed to probe internal or external hosts without further prompts — consider invocation policies accordingly.
Assessment
This skill appears to be what it says: a simple Python SSL certificate inspector that makes TLS connections to hostnames you provide. Before installing, consider: (1) the scripts will open network connections to any host the agent is asked to check — don't allow autonomous runs in environments where you don't want network probes of internal services; (2) the bundle contains two identical scripts (root and scripts/), which is harmless but worth noting; (3) if you need stricter isolation, run the script locally or in a container rather than permitting autonomous agent invocations. If you need extra assurance, review the included certcheck.py source (it's short and uses only the Python stdlib).

Like a lobster shell, security has layers — review code before you run it.

latestvk97fnm0t1fzmabv04nm0z3fcf983qh02

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments