Wireshark Analysis
by Solomon Neas · GitHub · v1.0.1 · MIT-0
281 Downloads · 0 Stars · 1 Active Installs · 2 Versions
Install in OpenClaw
/install wireshark-analysis
Description
Network traffic analysis with Wireshark and tshark. Capture packets, write display and BPF filters, follow TCP/UDP/TLS streams, detect C2 beacons, troublesho...
Usage Guidance
This skill is an instructional guide for using Wireshark and appears internally consistent. Before using it: ensure Wireshark/tshark are installed from official sources and kept up to date; obtain explicit authorization before doing live captures (capturing network traffic can collect sensitive personal or corporate data and may be illegal without consent); prefer filtered captures to limit data collected; avoid running GUI Wireshark as root (use dumpcap/tshark or proper capture group permissions on Linux); be cautious about decrypting TLS (private keys are sensitive); do not upload raw PCAPs to third parties unless you sanitize them. Note: the skill itself is only instructions — any actual capture or command execution depends on your environment and what permissions/tools the agent has on your machine.
Capability Analysis
Type: OpenClaw Skill
Name: wireshark-analysis
Version: 1.0.1
The skill bundle is a comprehensive educational and procedural guide for using Wireshark and tshark for network traffic analysis. It contains standard display filters, capture workflows, and troubleshooting steps (SKILL.md) without any executable code, malicious instructions, or data exfiltration attempts. The content is well-structured and includes appropriate guardrails regarding authorized capture and privacy.
Capability Assessment
Purpose & Capability
The name/description (Wireshark/tshark network analysis) matches the SKILL.md: it requires Wireshark, captures, filters, and stream-following. No unrelated binaries, env vars, or services are requested.
Instruction Scope
SKILL.md contains step‑by‑step capture/filter/analysis guidance and references PCAP files and live capture. It does not instruct reading unrelated files, exfiltrating data, or using unknown external endpoints.
Install Mechanism
No install spec or code files are present (instruction-only), so nothing will be written or downloaded during install.
Credentials
The skill requests no environment variables or credentials. It legitimately notes the need for Wireshark and capture permissions (root/admin) for live captures.
Persistence & Privilege
The skill does not request persistent installation or elevated platform privileges. However, runtime live capture requires administrator/root privileges (a normal requirement for packet capture) which can expose sensitive traffic if used; agents with local command execution could attempt captures if allowed.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat: /install wireshark-analysis
- After installation, invoke the skill by name or use /wireshark-analysis
- Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
Natural description rewrite
v1.0.0
Initial release.
- Provides detailed guidance for capturing and analyzing network traffic using Wireshark and tshark.
- Includes usage examples for both capture and display filters, and explains protocol and anomaly detection filters.
- Offers step-by-step instructions for reconstructing TCP/UDP/TLS streams and visualizing traffic statistics.
- Highlights key workflows such as incident investigation, troubleshooting, and forensic packet analysis.
- Specifies applicable use cases and prerequisites for effective network traffic analysis.
Frequently Asked Questions
What is Wireshark Analysis?
Network traffic analysis with Wireshark and tshark. Capture packets, write display and BPF filters, follow TCP/UDP/TLS streams, detect C2 beacons, troublesho... It is an AI Agent Skill for Claude Code / OpenClaw, with 281 downloads so far.
How do I install Wireshark Analysis?
Run "/install wireshark-analysis" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Wireshark Analysis free?
Yes, Wireshark Analysis is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Wireshark Analysis support?
Wireshark Analysis is cross-platform and runs anywhere OpenClaw / Claude Code is available.
Who created Wireshark Analysis?
It is built and maintained by Solomon Neas (@solomonneas); the current version is v1.0.1.