← Back to Skills Marketplace
florianbeer

Network Scanner

by Florian Beer · GitHub ↗ · v1.1.0
cross-platform ⚠ suspicious
5339
Downloads
0
Stars
36
Active Installs
2
Versions
Install in OpenClaw
/install network-scanner
Description
Scan networks to discover devices, gather MAC addresses, vendors, and hostnames. Includes safety checks to prevent accidental scanning of public networks.
Usage Guidance
Review before installing. Use only on networks you own or are authorized to scan, avoid untrusted network names, CIDRs, DNS values, and config files, and prefer --no-sudo unless MAC discovery is required. The publisher should replace shell=True command strings with argument-list subprocess calls and validate CIDR/DNS/config inputs before this is treated as low risk.
Capability Analysis
Type: OpenClaw Skill Name: network-scanner Version: 1.1.0 The skill is classified as suspicious due to a command injection vulnerability in `scripts/scan.py`. The `subprocess.run` function is used with `shell=True` to execute `dig` commands, and the `--dns` argument (user-controlled input) is directly interpolated into the shell command string without proper sanitization. This allows an attacker to inject arbitrary shell commands by providing a crafted DNS server value (e.g., `--dns '8.8.8.8; rm -rf /'`). While the skill includes safety features to prevent accidental public network scanning, this specific vulnerability poses a significant risk for arbitrary code execution.
Capability Assessment
Purpose & Capability
The stated purpose and behavior are coherent: it uses nmap and dig to discover hosts, hostnames, MAC addresses, and vendors on selected networks. That network inventory is sensitive, but expected for this tool.
Instruction Scope
scripts/scan.py uses subprocess.run(..., shell=True) through run_cmd and interpolates user/config-controlled values into commands, including --dns, configured cidr values, and scan targets. This creates a concrete command-injection risk outside the intended scan workflow.
Install Mechanism
No installer, remote bootstrap, or package-install script is present. The skill discloses its dependency on local nmap and dig binaries.
Credentials
Active network scanning and reverse DNS lookups are proportionate to the stated purpose, and the skill includes public-range, blocklist, and route-safety checks. Users still need authorization for scanned networks.
Persistence & Privilege
The skill can create a local config file under ~/.config/network-scanner and recommends sudo for MAC discovery, but there is no evidence of background persistence, hidden services, credential theft, or external exfiltration.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install network-scanner
  3. After installation, invoke the skill by name or use /network-scanner
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.0
Added homepage metadata, improved safety documentation, enhanced blocklist config format
v1.0.0
Initial release of network-scanner. - Scan local or custom networks to discover devices, MAC addresses, vendors, and hostnames. - Supports scanning by configured network names or direct CIDR input. - Outputs results in Markdown (default) or JSON format. - Provides example configuration, network listing, and custom DNS options. - Requires nmap and dig; sudo recommended for full MAC address visibility.
Metadata
Slug network-scanner
Version 1.1.0
License
All-time Installs 201
Active Installs 36
Total Versions 2
Frequently Asked Questions

What is Network Scanner?

Scan networks to discover devices, gather MAC addresses, vendors, and hostnames. Includes safety checks to prevent accidental scanning of public networks. It is an AI Agent Skill for Claude Code / OpenClaw, with 5339 downloads so far.

How do I install Network Scanner?

Run "/install network-scanner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Network Scanner free?

Yes, Network Scanner is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Network Scanner support?

Network Scanner is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Network Scanner?

It is built and maintained by Florian Beer (@florianbeer); the current version is v1.1.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments