← Back to Skills Marketplace
onionclaw
by
JacobJandon
· GitHub ↗
· v2.1.13
· MIT-0
241
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install onionclaw
Description
Search the Tor dark web, fetch .onion hidden-service pages, rotate Tor identities, and run structured multi-step OSINT investigations. Use when the user asks...
Usage Guidance
This skill is coherent with its stated Tor/OSINT purpose, but exercise caution before running anything it recommends. Specifically: (1) Inspect setup.py, renew.py, and any scripts referenced — they will modify tor configuration and may require root. (2) Run Python package installs inside a virtualenv or container to avoid polluting system Python. (3) Keep any LLM key or secrets out of the .env until you trust the code; the README mentions TOR_DATA_DIR and an LLM key but the registry metadata does not declare them. (4) If you want to try it, run it in an isolated VM/container and review the scripts that modify /etc/tor/torrc or create system services. (5) Consider legal and ethical implications of dark‑web scanning in your jurisdiction and organization.
Capability Analysis
Type: OpenClaw Skill
Name: onionclaw
Version: 2.1.13
OnionClaw is a dark web OSINT tool that automates Tor configuration, searching, and scraping. It is classified as suspicious due to high-risk administrative capabilities, specifically a script (sync_sicry.py) that fetches and updates code from a remote GitHub repository and a setup process that modifies system-level Tor configurations (torrc). While these features support the tool's stated OSINT purpose, they introduce significant supply chain and system integrity risks if the remote source or the local execution environment is compromised.
Capability Assessment
Purpose & Capability
Name/description align with required binaries (python3, pip3, tor) and Python libs (requests[socks], stem, BeautifulSoup). All requested capabilities (search, fetch, rotate Tor identity, OSINT pipeline) are coherent with these requirements.
Instruction Scope
SKILL.md instructs running pip installs, a setup.py 'interactive first‑run wizard' that updates .env and torrc, and restarting system Tor (systemctl / brew services). setup.py is expected to modify system config files (e.g., /etc/tor/torrc) and create DataDirectory paths. Those are legitimate for a Tor tool but grant the skill potential to change system configuration and require elevated privileges; the document does not publish or show the contents of setup.py, renew.py, or other scripts, so you must inspect them before running.
Install Mechanism
Instruction-only skill (no install spec). It tells you to pip3 install specific PyPI packages — expected for Python tooling. Risk: pip installs are global by default in the examples (no virtualenv recommendation) and could overwrite system packages; no downloads from arbitrary URLs were specified.
Credentials
Registry metadata declares no required env vars, but SKILL.md references a .env with an LLM key (optional) and a TOR_DATA_DIR used by renew.py; this mismatch is a minor inconsistency. The tool also asks you to enable ControlPort/ CookieAuthentication in torrc (required for circuit control) which is appropriate but increases capability to control Tor circuits. No unrelated third‑party credentials are requested.
Persistence & Privilege
always:false (good). The skill documents a daemon/--daemon-poll mode and recurring watch/alert jobs; those would create long‑running background activity if enabled. Autonomous invocation (disable-model-invocation:false) is the platform default and not by itself suspicious.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install onionclaw - After installation, invoke the skill by name or use
/onionclaw - Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.1.13
- Initial release of OnionClaw v1.0.0.
- Provides search across 12 dark web engines, `.onion` page fetching, and Tor circuit rotation.
- Enables structured multi-step OSINT investigations with markdown, JSON, STIX, MISP, and CSV reporting.
- Includes recurring watch/alert jobs for automated monitoring.
- Setup wizard and support for both Linux and macOS environments.
- Features complete and single-command OSINT pipeline automation.
Metadata
Frequently Asked Questions
What is onionclaw?
Search the Tor dark web, fetch .onion hidden-service pages, rotate Tor identities, and run structured multi-step OSINT investigations. Use when the user asks... It is an AI Agent Skill for Claude Code / OpenClaw, with 241 downloads so far.
How do I install onionclaw?
Run "/install onionclaw" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is onionclaw free?
Yes, onionclaw is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does onionclaw support?
onionclaw is cross-platform and runs anywhere OpenClaw / Claude Code is available (darwin, linux).
Who created onionclaw?
It is built and maintained by JacobJandon (@jacobjandon); the current version is v2.1.13.
More Skills