← Back to Skills Marketplace
Exposure Sentinel
by
chenhaubin
· GitHub ↗
· v1.0.0
· MIT-0
231
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install exposure-sentinel
Description
Check if IP addresses are listed on the OpenClaw Exposure Watchboard (openclaw.allegro.earth). Use when you need to verify whether specific IPs are publicly...
README (SKILL.md)
Exposure Sentinel
A sentinel that watches over the OpenClaw Exposure Watchboard, checking if your IPs are publicly listed as exposed instances.
When to Use
- Security auditing: Check if your infrastructure IPs are accidentally exposed
- Proactive monitoring: Verify exposure status of critical endpoints
- Incident response: Confirm if a suspected exposure is publicly known
Quick Start
Check a Single IP
python3 skills/exposure-sentinel/scripts/check_ip.py 1.2.3.4
Check Multiple IPs
python3 skills/exposure-sentinel/scripts/check_ip.py 1.2.3.4 5.6.7.8
With Progress Output
python3 skills/exposure-sentinel/scripts/check_ip.py 1.2.3.4 -v
JSON Output (for automation)
python3 skills/exposure-sentinel/scripts/check_ip.py 1.2.3.4 --json
How It Works
- Concurrent scanning: Uses 50 concurrent connections to scan all 3,357 pages
- Pattern matching: Handles both full IPs and partially masked IPs (e.g.,
1.2.3.•••) - Complete coverage: Checks every page of the exposure database
- Typical runtime: ~85-95 seconds for full scan
Interpreting Results
- ✅ Not found: IP is not listed in the exposure database (safe)
- ⚠️ EXPOSED: IP appears on the watchboard with page links for details
Technical Details
- Source: https://openclaw.allegro.earth
- Total pages: 3,357 (100 records per page)
- Total records: ~335,000 exposed instances
- Scan rate: ~40 pages/second
About OpenClaw Exposure Watchboard
This is a public security research database listing publicly reachable OpenClaw instances for defensive awareness. If your IP appears here, it means:
- The instance is directly exposed to the internet
- Authentication may be disabled or weak
- Immediate action recommended: enable auth, restrict access, patch
Usage Guidance
This skill appears to do what it says: run the included Python script to check the public OpenClaw Exposure Watchboard for IPs. Before installing/running, confirm you have a compatible Python environment and install aiohttp. Be aware the script aggressively fetches thousands of pages with 50 concurrent connections — that can generate significant traffic and could be considered abusive by the target site; consider lowering CONCURRENT_LIMIT or contacting the site owner, obey robots.txt and terms of service, and avoid running scans from sensitive networks. If you need more assurance, inspect the script yourself or run it from an isolated environment (rate-limit / proxy) to avoid accidental abuse.
Capability Analysis
Type: OpenClaw Skill
Name: exposure-sentinel
Version: 1.0.0
The exposure-sentinel skill is a specialized utility designed to check if specific IP addresses are listed on the OpenClaw Exposure Watchboard (openclaw.allegro.earth). The script scripts/check_ip.py implements this by performing asynchronous HTTP GET requests to download pages from the watchboard and searching the response text locally for the target IPs, which is a privacy-preserving approach compared to sending IPs in query parameters. The code is transparent, lacks obfuscation, and contains no indicators of data exfiltration, unauthorized execution, or malicious prompt injection.
Capability Assessment
Purpose & Capability
Name/description match the implementation: the Python script fetches pages from https://openclaw.allegro.earth and searches for the target IP(s). No unrelated credentials, binaries, or config paths are requested.
Instruction Scope
SKILL.md instructs the agent to run the included script to scan the public site. The instructions do not ask the agent to read local files, environment variables, or transmit results to other endpoints. Note: the tool performs broad network requests (all pages on the site) which is consistent with the claimed full-site scan.
Install Mechanism
This is an instruction-only skill with no install spec. The bundled script depends on aiohttp (and Python 3.9+ annotations); the skill does not declare or install that dependency. That is not malicious but you should ensure the runtime has the required Python packages available.
Credentials
The skill requests no environment variables, credentials, or config paths. The lack of secrets is proportionate to a public-site scraping/checking tool.
Persistence & Privilege
The skill is not always-enabled and does not modify agent/system configuration. It does not request persistent privileges or autonomy beyond normal agent invocation.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install exposure-sentinel - After installation, invoke the skill by name or use
/exposure-sentinel - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release: Scan OpenClaw Exposure Watchboard for exposed IPs
Metadata
Frequently Asked Questions
What is Exposure Sentinel?
Check if IP addresses are listed on the OpenClaw Exposure Watchboard (openclaw.allegro.earth). Use when you need to verify whether specific IPs are publicly... It is an AI Agent Skill for Claude Code / OpenClaw, with 231 downloads so far.
How do I install Exposure Sentinel?
Run "/install exposure-sentinel" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Exposure Sentinel free?
Yes, Exposure Sentinel is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Exposure Sentinel support?
Exposure Sentinel is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Exposure Sentinel?
It is built and maintained by chenhaubin (@chenhaubin); the current version is v1.0.0.
More Skills