← Back to Skills Marketplace
dmcmurrin4617

Shodan Skill

by dmcmurrin4617 · GitHub ↗ · v0.1.0 · MIT-0
cross-platform ⚠ suspicious
264
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install shodan-skill
Description
Advanced Shodan API interactions including search, scan, alerts, and DNS.
Usage Guidance
This skill appears to implement a legitimate Shodan wrapper, but review these points before installing: 1) The code requires a Shodan API key (SHODAN_API_KEY or ~/.config/shodan/api_key) but the registry metadata did not declare it — be careful where you store/provide that key. 2) The README points to an external GitHub repo (liuweitao/shodan-skill); verify the repository and author before cloning. 3) On-demand scans and streaming consume Shodan credits and may have legal/ethical implications — only run scans you are authorized to perform. 4) Inspect the included scripts yourself (they are provided) and run the skill in a sandbox or low-privilege account if possible. 5) If you want to allow autonomous agent use, consider restricting or auditing agent actions that trigger scans/streams to prevent unexpected network activity or credential exposure.
Capability Analysis
Type: OpenClaw Skill Name: shodan-skill Version: 0.1.0 The shodan-skill bundle is a legitimate wrapper for the official Shodan Python library, providing an interface for network reconnaissance, vulnerability scanning, and asset monitoring. The script (scripts/shodan_skill.py) correctly handles API keys via environment variables or the standard Shodan configuration file (~/.config/shodan/api_key) and contains no evidence of malicious intent, data exfiltration, or unauthorized command execution.
Capability Assessment
Purpose & Capability
Name, description, required binaries (python3, pip), and included Python script all align with providing Shodan API features (search, host, scan, alerts, stream, DNS, exploits). The use of the official shodan Python library is expected.
Instruction Scope
SKILL.md and the CLI script keep to Shodan-related operations only (search, scan, stream, alerts, DNS, etc.). The script reads a Shodan API key from SHODAN_API_KEY or ~/.config/shodan/api_key and outputs JSON results; SKILL.md documents shodan init and SHODAN_API_KEY but does not explicitly call out reading the config file.
Install Mechanism
No opaque install step or remote download is embedded in the registry entry; the skill is instruction-only (with an included script). Dependencies are standard (pip install shodan). README suggests cloning a GitHub repo, but the skill bundle already contains the code.
Credentials
Registry metadata lists no required env vars or primary credential, but runtime code requires a Shodan API key (SHODAN_API_KEY env var or ~/.config/shodan/api_key). The metadata omission is an incoherence — the skill will fail without the key and users may not realize they must provide it. Apart from that, no unrelated credentials are requested.
Persistence & Privilege
always:false and default autonomy are set; the skill does not request persistent system-wide changes or modify other skills. It does perform network actions via Shodan (including scans and streams) which have operational and ethical implications but are coherent with its purpose.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install shodan-skill
  3. After installation, invoke the skill by name or use /shodan-skill
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v0.1.0
Initial release with advanced Shodan API usage and management tools. - Supports advanced search, scan, host details, and count queries, including facets/statistics. - Enables creation and management of network alerts and notifiers. - Provides DNS/domain lookups, exploit search, and access to account/profile tools. - Offers streaming of real-time Shodan data and directory (saved query) utilities. - Includes helper commands for search filters and data fields reference.
Metadata
Slug shodan-skill
Version 0.1.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is Shodan Skill?

Advanced Shodan API interactions including search, scan, alerts, and DNS. It is an AI Agent Skill for Claude Code / OpenClaw, with 264 downloads so far.

How do I install Shodan Skill?

Run "/install shodan-skill" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Shodan Skill free?

Yes, Shodan Skill is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Shodan Skill support?

Shodan Skill is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Shodan Skill?

It is built and maintained by dmcmurrin4617 (@dmcmurrin4617); the current version is v0.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments