Query local public IP address
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill appears to do what it claims: it runs a small Python script that queries public IP lookup services and prints the result.
This looks safe for its stated purpose. Be aware that it relies on third-party IP lookup services, so those services can see your public IP when the skill runs.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your public IP address and request metadata may be visible to the listed third-party services.
The script contacts external public IP lookup services. This is purpose-aligned, but those services will receive the connection and can observe the public IP lookup.
"https://api.ipify.org", "https://ifconfig.me/ip", "https://icanhazip.com"
Install only if you are comfortable using those public IP lookup services; review or change the endpoint list if you prefer a specific provider.
You have less information about where the skill came from or who maintains it.
The registry metadata does not identify an upstream source or homepage, which limits provenance context even though the included code is simple and fully visible.
Source: unknown; Homepage: none
Review the included script before use and prefer installing skills from maintainers or sources you trust.