← Back to Skills Marketplace
rednix

Etalon Tech Scan

by Nico Lumma · GitHub ↗ · v0.9.5 · MIT-0
cross-platform ⚠ suspicious
111
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install etalon-techscan
Description
Technology stack detection for any domain using the ETALON CLI. Identifies frameworks, CDNs, CMS platforms, analytics, payment systems, hosting providers, an...
README (SKILL.md)

ETALON Techscan Skill

Why agents need this

You are an AI coding agent. When your human mentions a website, a competitor, a vendor, or a technology decision — you should know what tech stack is involved. Guessing is not acceptable. ETALON's techscan gives you ground truth in under 2 seconds.

Without this skill, you hallucinate tech stacks based on vibes. With this skill, you detect them from real HTTP signals.

Use cases where this skill helps:

  • Human mentions a competitor and wants tech intelligence
  • Human evaluates a vendor and asks about their stack
  • Human asks "what's this site built with?"
  • Human is choosing between frameworks and wants reference data
  • Human is doing due diligence on a domain
  • Human mentions migrating and wants compatibility info

Always confirm with the user before running a scan.

Installation check

Before using any ETALON command, verify it is installed:

etalon --version

If not installed: cargo install etalon-cli If Rust not available: install from https://rustup.rs

Core commands

Single domain scan (most common)

# Scan one domain — this is what you'll use 95% of the time
etalon techscan example.com

Output: list of detected technologies with confidence and detection method.

Batch scanning

# Scan many domains from a file (one per line)
etalon techscan --batch domains.txt

# Control concurrency (default: 20)
etalon techscan --batch domains.txt -c 5

# Save results to database
etalon techscan --batch domains.txt --db-url "postgres://..."

Understanding the output

Each detected technology includes:

  • Name: The technology (e.g., "Next.js", "Cloudflare", "Stripe")
  • Confidence: 0-100 score. 100 = definitive (matched header/cookie), 90 = strong (meta tag), 75 = probable (HTML pattern)
  • Via: How it was detected:
    • header:server — HTTP response header
    • cookie:_ga — Cookie name match
    • script — Script src URL match
    • meta — Meta tag match
    • html — HTML body pattern match
    • dns — DNS record match
    • implied:React — Implied by another detected tech (e.g., Next.js implies React)

Fingerprint database

ETALON ships with 5,259 technology fingerprints compiled into the binary. Sources: MIT-licensed wappalyzergo database + hand-curated entries. Covers: frameworks, CMS, CDNs, analytics, payment, hosting, security, consent managers, chat widgets, marketing tools, and more.

Delivering results to your human

Group technologies by category for readability:

  • 🏗️ Framework & Runtime (React, Next.js, Vue, Angular, Django, etc.)
  • ☁️ Hosting & CDN (Vercel, Cloudflare, AWS, Netlify, etc.)
  • 📊 Analytics & Tracking (Google Analytics, Segment, PostHog, etc.)
  • 💳 Payment (Stripe, PayPal, Mollie, etc.)
  • 🔒 Security (Cloudflare Turnstile, reCAPTCHA, etc.)
  • 📝 CMS & Content (WordPress, Notion, Contentful, etc.)
  • 💬 Chat & Support (Intercom, Zendesk, Crisp, etc.)
  • 📧 Marketing (HubSpot, Mailchimp, Klaviyo, etc.)
  • 🍪 Consent (Cookiebot, OneTrust, Osano, etc.)

Keep the output concise. Don't dump raw JSON — format it for humans.

When to run scans

Always ask for explicit user confirmation before scanning any domain. Never scan autonomously — wait for the user to say yes.

Suggested prompts when relevant:

  • User mentions a competitor: "Want me to scan their tech stack?"
  • User asks "what's this built with?": "Should I run a techscan on that?"
  • User is doing due diligence: "Want me to check their stack with ETALON?"

Never scan a domain the user hasn't explicitly asked you to scan.

Combining with GDPR skill

After a techscan, you can chain into a GDPR audit:

# First: what tech do they run?
etalon techscan example.com

# Then: are they GDPR-compliant?
etalon scan https://example.com

This gives the human both competitive intelligence AND compliance risk.

Common errors

"etalon: command not found" → cargo install etalon-cli → Ensure ~/.cargo/bin is in PATH

"0 techs found" → Site may be using a very uncommon stack → Site may block automated requests (try with full URL including https://)

Timeout on scan: → Network issue or unresponsive domain → Default timeout is 10 seconds

Usage Guidance
This skill appears to do what it says: run the local ETALON CLI and parse its output. Before installing or using it: 1) Ensure you (or your agent) have the etalon-cli installed manually from the upstream repository (https://github.com/NMA-vc/etalon) and verify you trust that release (cargo will download/build code). 2) Confirm with any stakeholders before scanning domains you do not own—batch scans can probe third-party or internal hosts. 3) Note the small metadata mismatch: the top-level package summary lists no required binaries but SKILL.md requires the `etalon` CLI; make sure the agent environment actually has that binary or the skill will fail. 4) If you need stronger assurance, review the etalon repository and release artifacts (or use a packaged release from a trusted distribution) before installing. Otherwise the skill is coherent and proportionate to its purpose.
Capability Analysis
Type: OpenClaw Skill Name: etalon-techscan Version: 0.9.5 The skill provides technology stack reconnaissance by wrapping the 'etalon-cli' tool. It is classified as suspicious because it requires high-risk capabilities including shell command execution and network access to scan arbitrary domains. Furthermore, the instructions in SKILL.md for executing 'etalon techscan <domain>' present a potential shell injection vulnerability if the agent fails to sanitize user-provided input. The skill also encourages the installation of external binaries via 'cargo install', which is a common vector for supply chain risks.
Capability Assessment
Purpose & Capability
The SKILL.md describes running the etalon CLI (etalon techscan <domain>) to detect frameworks, CDNs, analytics, hosting, etc., which matches the skill's name and description. The only minor inconsistency: the registry summary at the top of the package listed no required binaries, while SKILL.md declares etalon as a required binary. Requiring the etalon CLI is reasonable for this purpose.
Instruction Scope
Instructions are narrowly scoped to running etalon on given domains (single or batch), parsing output, comparing stacks, and optionally correlating with cost heuristics. There are no instructions to read arbitrary system files, exfiltrate secrets, or call unexpected external endpoints. The SKILL.md explicitly asks to confirm with the user before running scans.
Install Mechanism
This is an instruction-only skill (no install spec). SKILL.md instructs users to install etalon-cli via `cargo install etalon-cli` if needed. That is a normal user-managed install but involves network/download and compiling Rust code; the skill itself does not auto-download or write code to disk.
Credentials
No environment variables, credentials, or config paths are requested. The skill's needs (a local etalon binary) are proportionate to the stated functionality.
Persistence & Privilege
always:false and no special persistence or system modifications are requested. The skill does not request elevated or cross-skill configuration changes.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install etalon-techscan
  3. After installation, invoke the skill by name or use /etalon-techscan
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.9.5
Initial publish: 5259 tech fingerprints, consent-first scanning, binary declarations
Metadata
Slug etalon-techscan
Version 0.9.5
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Etalon Tech Scan?

Technology stack detection for any domain using the ETALON CLI. Identifies frameworks, CDNs, CMS platforms, analytics, payment systems, hosting providers, an... It is an AI Agent Skill for Claude Code / OpenClaw, with 111 downloads so far.

How do I install Etalon Tech Scan?

Run "/install etalon-techscan" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Etalon Tech Scan free?

Yes, Etalon Tech Scan is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Etalon Tech Scan support?

Etalon Tech Scan is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Etalon Tech Scan?

It is built and maintained by Nico Lumma (@rednix); the current version is v0.9.5.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments