← Back to Skills Marketplace
662
Downloads
0
Stars
3
Active Installs
1
Versions
Install in OpenClaw
/install network-scan
Description
Scans specified network targets and ports using nmap with options for speed, timeout, host limits, and exclusions, returning detailed JSON results.
Usage Guidance
This skill implements nmap-based network scanning and the code matches that purpose, but it fails to declare that it needs the nmap binary and the python 'nmap' library. Before installing or using: (1) ensure you have permission to scan the target networks (unauthorized scanning can be illegal or disruptive); (2) install nmap on the host and the python-nmap package, or the tool will return an error; (3) consider testing locally on a lab network first; (4) review the code (it does not exfiltrate data or call external endpoints), but note the unused 'subprocess' import and the skill will produce the exact nmap command line it runs — verify that output if you need auditability; (5) if you want clearer safety, ask the publisher to add an install spec and explicit documentation of the nmap/python-nmap requirements and to limit autonomous invocation or add usage constraints.
Capability Analysis
Type: OpenClaw Skill
Name: network-scan
Version: 1.0.0
The skill performs network scanning using `nmap` via the `python-nmap` library. While the `SKILL.md` is benign and the `target` parameter undergoes some validation, the `main.py` script is classified as suspicious due to the lack of comprehensive input validation for the `ports` and `exclude` parameters. These user-controlled inputs are directly incorporated into the `nmap` command arguments. Although the `python-nmap` library generally mitigates direct shell injection by passing arguments as a list, the absence of robust sanitization for all parameters represents a vulnerability that could be exploited if `nmap` or `python-nmap` has an unknown flaw in argument handling, potentially leading to unintended command execution or resource exhaustion.
Capability Assessment
Purpose & Capability
The skill's name, SKILL.md and main.py all consistently implement network scanning with nmap. However, the registry metadata and SKILL.md do not declare the actual runtime dependency on the nmap binary and the python-nmap package (the code imports 'nmap' and checks for the nmap program). That missing dependency declaration is an incoherence: a network-scan tool reasonably needs nmap, but the package metadata/instructions do not request or document it.
Instruction Scope
SKILL.md instructs only to provide target and ports and returns JSON results; the code follows that scope and does not read other files or external config. It does allow scanning arbitrary IPs/ranges which can be misused or legally problematic if run without permission — this is expected for a scanner but worth highlighting.
Install Mechanism
There is no install spec but the runtime requires the nmap program and the python 'nmap' module. Without an install step or clear documentation, users may run this in environments missing these dependencies. The code does not fetch remote code or use suspicious external URLs, so the install risk is about missing/undeclared requirements rather than malicious downloads.
Credentials
The skill requests no environment variables or credentials (appropriate). However, network scanning itself is a sensitive capability: consider whether autonomous scans are permitted for target networks and whether scans could trigger IDS/IPS or legal issues. No env vars are requested or accessed by the code.
Persistence & Privilege
The skill does not request persistent/always-on privileges, does not modify other skills or system configuration, and is user-invocable only. Autonomous invocation is allowed by platform default but not escalated by this skill's metadata.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install network-scan - After installation, invoke the skill by name or use
/network-scan - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release of the network-scan skill.
- Scans ports and devices on a network using nmap
- Supports targets in CIDR notation, IP ranges, and comma-separated lists
- Multiple scan customization options: quick scan, fast scan, top ports, hosts limit, and IP exclusion
- Output includes scan results, nmap command used, and scan information in JSON format
Metadata
Frequently Asked Questions
What is Network Scan?
Scans specified network targets and ports using nmap with options for speed, timeout, host limits, and exclusions, returning detailed JSON results. It is an AI Agent Skill for Claude Code / OpenClaw, with 662 downloads so far.
How do I install Network Scan?
Run "/install network-scan" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Network Scan free?
Yes, Network Scan is completely free (open-source). You can download, install and use it at no cost.
Which platforms does Network Scan support?
Network Scan is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Network Scan?
It is built and maintained by ApacheUA (@apacheua); the current version is v1.0.0.
More Skills