功能描述

Look up domain WHOIS information, check email security (DMARC/SPF/DKIM), inspect TLS certificates, and capture website screenshots. Provides a comprehensive,...

使用说明 (SKILL.md)

domaininfo

Name: Domain WHOIS Lookup
Author: sxlderek

Look up domain WHOIS information and (optionally) capture website screenshots.

When to Use

When the user types whois \x3Cdomain> or whois \x3Curl> or whois \x3Cemail>:

Strip any https://, http://, www. prefixes
If input contains @, extract the domain part after @ (e.g., [email protected] → example.com)

Security Considerations

Input validation: After extracting the domain, only allow alphanumeric, hyphen, and dot characters. Reject anything else.
Command injection prevention: Never interpolate user input directly into shell strings. Prefer argument arrays / safe libraries.
Timeouts: Every external call must have a bounded timeout (e.g., 10s for WHOIS/DNS, 10s for TLS).
Error handling: On failure, return a generic user-friendly message and keep details internal.
Output sanitization: Build the final message as a single string before sending; never send partial responses.
File-system safety: If writing screenshots, restrict writes to a known directory under the skill folder and verify paths stay within it.
Rate-limiting & caching: Cache IP-to-country lookups briefly to avoid hammering external services.

Workflow (Strict Buffer-First — SAFE EXECUTION)

CRITICAL: Zero output until everything is ready. No progress messages.

Phase 1 — Silent Buffer with Validation

Extract & validate domain
- Strip https://, http://, www. prefixes.
- If input contains @, take the part after @.
- Validate with regex ^[a-z0-9.-]+$ (case-insensitive).
- If invalid, abort and return “❌ Invalid domain”.
WHOIS: run whois via safe exec with timeout (10s). Store registrar data.
DNS: run dig for A, AAAA, NS, MX via safe exec with timeout (10s). Store results.
IP Geolocation (Country Code)
- For each IP from A/AAAA and resolved NS/MX hostnames:
  - Query https://ipinfo.io/{IP}/country using web_fetch with timeout (5s).
  - Store the returned 2-letter country code.
Email Security (DMARC/SPF/DKIM)
- DMARC: query TXT for _dmarc.\x3Cdomain>
- SPF: query TXT for \x3Cdomain> and extract the string containing v=spf1 (parse in code; avoid shell pipelines)
- DKIM: query TXT for common selectors (default, google, selector1)

Phase 2 — Optional Screenshot + TLS

Screenshot (ONLY if screenshot tooling is already available)

Only attempt a website screenshot if one of the following is already available in this runtime:

OpenClaw browser tool (preferred): use the browser tool to navigate to the site and take a screenshot.
Bundled Playwright script: scripts/domain-screenshot.js (only if Node + Playwright + a Chromium runtime are already installed).

If neither is available (missing tool / missing module / missing browser runtime), skip the screenshot silently and continue the report.

TLS/SSL Check (if HTTPS)

Fetch certificate info with openssl (timeout 10s).
Extract: certificate issuer and expiry date.
If it fails or times out, note “TLS check failed” but continue.

Phase 3 — Single Final Output

If a screenshot was successfully captured, send it via the message tool.
Send the final WHOIS + DNS + Email Security + TLS summary in one message only.

Send Screenshot (SINGLE SEND ONLY)

Use message tool with action=send and filePath:

{
  "action": "send",
  "caption": "domain.com screenshot",
  "filePath": "domain-screenshot.png"
}

Do NOT also implement provider-API fallbacks (e.g., raw HTTP requests). If message sending fails, report failure rather than double-sending.

Setup Notes

This skill does not include step-by-step installation instructions for Playwright/Chromium.
Screenshot is an optional enhancement and must be skipped if screenshot tooling is not already present.
See references/setup.md for non-invasive environment notes.

安全使用建议

This skill appears coherent and not malicious, but check these before installing: (1) Ensure the runtime provides the required system binaries (whois, dig, openssl) if you want full functionality — the registry metadata currently omits them. (2) The skill will make outbound requests to ipinfo.io for IP geolocation (no credentials required); if you want to avoid external calls, don't enable the skill. (3) Screenshots are optional and only attempted when browser tooling or Node+Playwright+Chromium are already present; the included script safely skips if those are missing. (4) There's a minor mismatch about IDN/Punycode handling in the README vs SKILL.md — if you rely on internationalized domains, ask the author to clarify how conversion is performed. If any of these behaviors are unacceptable, don't install or ask the publisher to correct the metadata/instructions first.

功能分析

Type: OpenClaw Skill Name: domaininfo Version: 1.0.7 The domaininfo skill is a well-structured tool for domain reconnaissance (WHOIS, DNS, TLS, and screenshots) with explicit security considerations. It includes robust input validation (regex for domains), path traversal protections in the screenshot script (scripts/domain-screenshot.js), and clear instructions in SKILL.md to avoid command injection and handle errors gracefully. No indicators of malicious intent, data exfiltration, or prompt injection were found.

能力评估

ℹ Purpose & Capability

The declared skill purpose (WHOIS/DNS/DMARC/SPF/DKIM/TLS + optional screenshots) matches the instructions and included screenshot helper. However, registry metadata lists no required binaries while SKILL.md and references/setup.md expect system tools (whois, dig, openssl). README also claims IDN→Punycode conversion but SKILL.md doesn't specify conversion steps — a documentation/metadata mismatch that should be corrected.

✓ Instruction Scope

Runtime instructions are narrowly scoped to domain analysis: extract/validate domain, run whois/dig/openssl via safe exec, fetch IP country codes via ipinfo.io, check DNS TXT for DMARC/SPF/DKIM, and optionally take a screenshot only when tooling exists. The skill includes specific guards against command injection, path traversal, and timeout requirements.

✓ Install Mechanism

This is an instruction-only skill (no install spec). The only code is an optional Node script that safely skips when Playwright/Chromium are absent. No downloads from external URLs or install steps are included, so install risk is low.

ℹ Credentials

The skill requests no credentials and the script only reads an optional DOMAININFO_SCREENSHOT_DEBUG env var. It does, however, rely on external system binaries (whois, dig, openssl) and makes outbound web_fetch calls to ipinfo.io for geolocation. Those external calls are consistent with the stated purpose but are not declared in the registry metadata — this mismatch should be fixed. No secret exfiltration mechanisms are present.

✓ Persistence & Privilege

The skill does not request always:true, does not require persistent system-wide changes, and contains no code that modifies other skills or global agent configuration. Optional screenshot files are written only under the skill directory with path checks in place.

版本历史

v1.0.7

Make screenshot optional; add IDN/Punycode support notes; remove Playwright install instructions

v1.0.6

Fix screenshot path traversal check for relative paths

v1.0.5

Apply security fixes: input validation, safe path, timeouts, error handling

v1.0.4

Add footnote about OpenClaw and Pollinations

v1.0.3

Handle email addresses by extracting domain part

v1.0.2

Fix screenshot timeout for slow websites

v1.0.1

Rename skill to domaininfo

v0.2.3

- Documentation updated in README.md; no code or functional changes. - Instructions, workflows, and output examples clarified for better usability. - Setup, workflow, and output formatting details reorganized for easier reference.

v0.2.2

- Added a detailed setup guide under references/setup.md for easier installation and environment configuration. - Updated SKILL.md to reference the new setup documentation, reducing duplication and streamlining instructions. - No functional changes to commands or output; documentation improvements only.

v0.2.1

**Switch to Playwright for web screenshots and update setup instructions** - Replaces Chromium/Xvfb screenshot method with a Node.js Playwright script (see new `scripts/domain-screenshot.js`). - Updates all setup instructions to require Playwright and `node`, rather than Xvfb/Chromium. - Adds explicit dependency lists and workspace setup steps for Playwright. - Updates screenshot delivery instructions and illustrates sending screenshots using the `message` tool. - Minor adjustments and clarifications in example output and workflow descriptions.

v0.1.0

Initial release of domaininfo—comprehensive domain analysis and screenshot tool. - WHOIS lookup for domain registrar, creation/expiry dates, status, and DNS records. - Automated checks for email security (DMARC, SPF, DKIM) with clear pass/fail indicators. - TLS certificate inspection for HTTPS sites (issuer and expiry). - Captures and sends a current website screenshot. - Single final, structured report for easy review—no progress updates or intermediate output.

元数据

Slug domaininfo

版本 1.0.7

许可证 MIT-0

累计安装 1

当前安装数 1

历史版本数 11

常见问题

Domain WHOIS Lookup 是什么？

Look up domain WHOIS information, check email security (DMARC/SPF/DKIM), inspect TLS certificates, and capture website screenshots. Provides a comprehensive,... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件，目前累计下载 207 次。

如何安装 Domain WHOIS Lookup？

在 OpenClaw 或 Claude Code 对话框中运行命令「/install domaininfo」即可一键安装，无需额外配置。

Domain WHOIS Lookup 是免费的吗？

是的，Domain WHOIS Lookup 完全免费，采用 MIT-0 许可证，可自由下载、安装和使用。

Domain WHOIS Lookup 支持哪些平台？

Domain WHOIS Lookup 跨平台运行，可在任意部署了 OpenClaw / Claude Code 的环境中使用（cross-platform）。

谁开发了 Domain WHOIS Lookup？

由 Derek Chan（@sxlderek）开发并维护，当前版本 v1.0.7。

Domain WHOIS Lookup