Intodns
v2.0.1DNS & email security analysis powered by IntoDNS.ai - scan domains for DNS, DNSSEC, SPF, DKIM, DMARC, MTA-STS, BIMI issues. Includes free generator tools, 26...
⭐ 0· 101·0 current·0 all-time
byRosco@rosconl
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description match the instructions: all endpoints, tools, and guidance relate to DNS and email security scanning. No unrelated binaries, credentials, or config paths are requested.
Instruction Scope
SKILL.md only instructs the agent to validate domain input, call public API endpoints (via curl), present results in a prescribed report format, and link to generator/knowledge pages. It does not request reading local secrets, other files, or contacting unexpected third parties. The only local write is an optional report.pdf download, which is proportional to a reporting feature.
Install Mechanism
No install spec or code is included (instruction-only), so nothing is written to disk or fetched during install. This is the lowest-risk model and is appropriate for a simple API wrapper.
Credentials
No environment variables, credentials, or config paths are required. The skill uses a public, unauthenticated API as documented, so there is no disproportionate request for secrets.
Persistence & Privilege
always is false and the skill does not request elevated persistence or modify other skills/config. The default ability for the agent to invoke the skill autonomously is present but not excessive given the benign behavior and lack of credentials.
Assessment
This skill appears coherent and limited: it makes network requests to https://intodns.ai and does not request credentials or install code. Before installing, consider: (1) network calls will send the domain names you ask it to scan to a third party — avoid scanning private/internal hostnames or sensitive domains you don't want shared; (2) the skill may write a PDF report (report.pdf) to the agent's working directory if you request it; (3) review IntoDNS.ai's privacy/storage policy if you care about how scan results are retained; (4) if you want fully offline or self-hosted scanning of sensitive assets, this skill is not suitable. If you discover any hidden endpoints, auth requirements, or install scripts not present in SKILL.md, stop and re-evaluate.Like a lobster shell, security has layers — review code before you run it.
latestvk973pt74fsh587c8fm7qcqbp3183ben1
License
MIT-0
Free to use, modify, and redistribute. No attribution required.