Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
HomeNetworkSecurityAgent
v1.0.0
Audits local network infrastructure, identifies active hosts, and scans the gateway/public IP for exposed ports and vulnerabilities.
by Anthony Assi (@assix)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name, description, declared required binaries (python3, nmap, ip), and included code all align with a home-network scanning purpose. The included scanner.py implements gateway discovery, LAN ping sweeps, and nmap port/vulnerability scans, which are expected for this skill.
Instruction Scope
Instructions and the code stay within network-scanning tasks, but the implementation has unsafe/naive behavior: it infers a /24 subnet from the gateway IP without verifying it's a private/local address, which can cause scans of public/third-party address ranges. The script also makes an external HTTP call to ifconfig.me to fetch the public IP (expected, but notable). There are no safeguards, confirmations, or rate limits for deep scans (-p-), which can be disruptive and potentially legally sensitive if used on addresses you do not own.
Install Mechanism
This is instruction-only with a bundled Python script and no install spec — nothing is downloaded or installed by the registry. That is the lowest-risk install model. Note: the script uses the Python 'requests' module but the skill does not declare Python dependencies; this may cause runtime failures but is not a direct security issue.
Credentials
The skill requests no environment variables or credentials (proportionate). It does perform network I/O (nmap scans, ip route, and an HTTP request to ifconfig.me). Network access is expected for this purpose, but the external call and ability to scan arbitrary targets should be understood and limited to networks you control.
Persistence & Privilege
The skill does not request persistent privileges (always:false) and does not modify other skills or system-wide configuration. It requires only runtime invocation and standard binaries.
What to consider before installing
This skill appears to do what it says (local and gateway scanning) but has some risky implementation details. Before installing: (1) only run this on networks and devices you own or have explicit permission to scan—deep scans can be disruptive or violate terms of service; (2) be aware the script blindly converts the gateway IP to a /24 subnet and may scan public addresses if your gateway IP is not a private LAN address; (3) the script fetches your public IP from ifconfig.me (an external third-party service) — if you prefer, replace or remove that call; (4) ensure python3, nmap, and ip are installed and that the Python 'requests' package is available; (5) prefer manual/user-invoked runs (do not allow autonomous invocation) and consider running the script from an isolated machine or VM first to observe behavior. If you want higher assurance, request the author add explicit checks to confirm the gateway is a private RFC1918 address, require user confirmation before deep scans, and declare Python dependencies.
Like a lobster shell, security has layers — review code before you run it.
Tags: agent, latest, network, nmap, scanner, security, vulnerability
Runtime requirements
Bins: python3, nmap, ip
