Description

Look up domain WHOIS information, check email security (DMARC/SPF/DKIM), inspect TLS certificates, and capture website screenshots. Provides a comprehensive,...

README (SKILL.md)

domaininfo

Name: Domain WHOIS Lookup
Author: sxlderek

Look up domain WHOIS information and (optionally) capture website screenshots.

When to Use

When the user types whois \x3Cdomain> or whois \x3Curl> or whois \x3Cemail>:

Strip any https://, http://, www. prefixes
If input contains @, extract the domain part after @ (e.g., [email protected] → example.com)

Security Considerations

Input validation: After extracting the domain, only allow alphanumeric, hyphen, and dot characters. Reject anything else.
Command injection prevention: Never interpolate user input directly into shell strings. Prefer argument arrays / safe libraries.
Timeouts: Every external call must have a bounded timeout (e.g., 10s for WHOIS/DNS, 10s for TLS).
Error handling: On failure, return a generic user-friendly message and keep details internal.
Output sanitization: Build the final message as a single string before sending; never send partial responses.
File-system safety: If writing screenshots, restrict writes to a known directory under the skill folder and verify paths stay within it.
Rate-limiting & caching: Cache IP-to-country lookups briefly to avoid hammering external services.

Workflow (Strict Buffer-First — SAFE EXECUTION)

CRITICAL: Zero output until everything is ready. No progress messages.

Phase 1 — Silent Buffer with Validation

Extract & validate domain
- Strip https://, http://, www. prefixes.
- If input contains @, take the part after @.
- Validate with regex ^[a-z0-9.-]+$ (case-insensitive).
- If invalid, abort and return “❌ Invalid domain”.
WHOIS: run whois via safe exec with timeout (10s). Store registrar data.
DNS: run dig for A, AAAA, NS, MX via safe exec with timeout (10s). Store results.
IP Geolocation (Country Code)
- For each IP from A/AAAA and resolved NS/MX hostnames:
  - Query https://ipinfo.io/{IP}/country using web_fetch with timeout (5s).
  - Store the returned 2-letter country code.
Email Security (DMARC/SPF/DKIM)
- DMARC: query TXT for _dmarc.\x3Cdomain>
- SPF: query TXT for \x3Cdomain> and extract the string containing v=spf1 (parse in code; avoid shell pipelines)
- DKIM: query TXT for common selectors (default, google, selector1)

Phase 2 — Optional Screenshot + TLS

Screenshot (ONLY if screenshot tooling is already available)

Only attempt a website screenshot if one of the following is already available in this runtime:

OpenClaw browser tool (preferred): use the browser tool to navigate to the site and take a screenshot.
Bundled Playwright script: scripts/domain-screenshot.js (only if Node + Playwright + a Chromium runtime are already installed).

If neither is available (missing tool / missing module / missing browser runtime), skip the screenshot silently and continue the report.

TLS/SSL Check (if HTTPS)

Fetch certificate info with openssl (timeout 10s).
Extract: certificate issuer and expiry date.
If it fails or times out, note “TLS check failed” but continue.

Phase 3 — Single Final Output

If a screenshot was successfully captured, send it via the message tool.
Send the final WHOIS + DNS + Email Security + TLS summary in one message only.

Send Screenshot (SINGLE SEND ONLY)

Use message tool with action=send and filePath:

{
  "action": "send",
  "caption": "domain.com screenshot",
  "filePath": "domain-screenshot.png"
}

Do NOT also implement provider-API fallbacks (e.g., raw HTTP requests). If message sending fails, report failure rather than double-sending.

Setup Notes

This skill does not include step-by-step installation instructions for Playwright/Chromium.
Screenshot is an optional enhancement and must be skipped if screenshot tooling is not already present.
See references/setup.md for non-invasive environment notes.

Usage Guidance

This skill appears coherent and not malicious, but check these before installing: (1) Ensure the runtime provides the required system binaries (whois, dig, openssl) if you want full functionality — the registry metadata currently omits them. (2) The skill will make outbound requests to ipinfo.io for IP geolocation (no credentials required); if you want to avoid external calls, don't enable the skill. (3) Screenshots are optional and only attempted when browser tooling or Node+Playwright+Chromium are already present; the included script safely skips if those are missing. (4) There's a minor mismatch about IDN/Punycode handling in the README vs SKILL.md — if you rely on internationalized domains, ask the author to clarify how conversion is performed. If any of these behaviors are unacceptable, don't install or ask the publisher to correct the metadata/instructions first.

Capability Analysis

Type: OpenClaw Skill Name: domaininfo Version: 1.0.7 The domaininfo skill is a well-structured tool for domain reconnaissance (WHOIS, DNS, TLS, and screenshots) with explicit security considerations. It includes robust input validation (regex for domains), path traversal protections in the screenshot script (scripts/domain-screenshot.js), and clear instructions in SKILL.md to avoid command injection and handle errors gracefully. No indicators of malicious intent, data exfiltration, or prompt injection were found.

Capability Assessment

ℹ Purpose & Capability

The declared skill purpose (WHOIS/DNS/DMARC/SPF/DKIM/TLS + optional screenshots) matches the instructions and included screenshot helper. However, registry metadata lists no required binaries while SKILL.md and references/setup.md expect system tools (whois, dig, openssl). README also claims IDN→Punycode conversion but SKILL.md doesn't specify conversion steps — a documentation/metadata mismatch that should be corrected.

✓ Instruction Scope

Runtime instructions are narrowly scoped to domain analysis: extract/validate domain, run whois/dig/openssl via safe exec, fetch IP country codes via ipinfo.io, check DNS TXT for DMARC/SPF/DKIM, and optionally take a screenshot only when tooling exists. The skill includes specific guards against command injection, path traversal, and timeout requirements.

✓ Install Mechanism

This is an instruction-only skill (no install spec). The only code is an optional Node script that safely skips when Playwright/Chromium are absent. No downloads from external URLs or install steps are included, so install risk is low.

ℹ Credentials

The skill requests no credentials and the script only reads an optional DOMAININFO_SCREENSHOT_DEBUG env var. It does, however, rely on external system binaries (whois, dig, openssl) and makes outbound web_fetch calls to ipinfo.io for geolocation. Those external calls are consistent with the stated purpose but are not declared in the registry metadata — this mismatch should be fixed. No secret exfiltration mechanisms are present.

✓ Persistence & Privilege

The skill does not request always:true, does not require persistent system-wide changes, and contains no code that modifies other skills or global agent configuration. Optional screenshot files are written only under the skill directory with path checks in place.

Version History

v1.0.7

Make screenshot optional; add IDN/Punycode support notes; remove Playwright install instructions

v1.0.6

Fix screenshot path traversal check for relative paths

v1.0.5

Apply security fixes: input validation, safe path, timeouts, error handling

v1.0.4

Add footnote about OpenClaw and Pollinations

v1.0.3

Handle email addresses by extracting domain part

v1.0.2

Fix screenshot timeout for slow websites

v1.0.1

Rename skill to domaininfo

v0.2.3

- Documentation updated in README.md; no code or functional changes. - Instructions, workflows, and output examples clarified for better usability. - Setup, workflow, and output formatting details reorganized for easier reference.

v0.2.2

- Added a detailed setup guide under references/setup.md for easier installation and environment configuration. - Updated SKILL.md to reference the new setup documentation, reducing duplication and streamlining instructions. - No functional changes to commands or output; documentation improvements only.

v0.2.1

**Switch to Playwright for web screenshots and update setup instructions** - Replaces Chromium/Xvfb screenshot method with a Node.js Playwright script (see new `scripts/domain-screenshot.js`). - Updates all setup instructions to require Playwright and `node`, rather than Xvfb/Chromium. - Adds explicit dependency lists and workspace setup steps for Playwright. - Updates screenshot delivery instructions and illustrates sending screenshots using the `message` tool. - Minor adjustments and clarifications in example output and workflow descriptions.

v0.1.0

Initial release of domaininfo—comprehensive domain analysis and screenshot tool. - WHOIS lookup for domain registrar, creation/expiry dates, status, and DNS records. - Automated checks for email security (DMARC, SPF, DKIM) with clear pass/fail indicators. - TLS certificate inspection for HTTPS sites (issuer and expiry). - Captures and sends a current website screenshot. - Single final, structured report for easy review—no progress updates or intermediate output.

Metadata

Slug domaininfo

Version 1.0.7

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 11

Frequently Asked Questions

What is Domain WHOIS Lookup?

Look up domain WHOIS information, check email security (DMARC/SPF/DKIM), inspect TLS certificates, and capture website screenshots. Provides a comprehensive,... It is an AI Agent Skill for Claude Code / OpenClaw, with 207 downloads so far.

How do I install Domain WHOIS Lookup?

Run "/install domaininfo" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Domain WHOIS Lookup free?

Yes, Domain WHOIS Lookup is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Domain WHOIS Lookup support?

Domain WHOIS Lookup is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Domain WHOIS Lookup?

It is built and maintained by Derek Chan (@sxlderek); the current version is v1.0.7.

More Skills

Domain WHOIS Lookup