← 返回 Skills 市场
rednix

Etalon Tech Scan

作者 Nico Lumma · GitHub ↗ · v0.9.5 · MIT-0
cross-platform ⚠ suspicious
111
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install etalon-techscan
功能描述
Technology stack detection for any domain using the ETALON CLI. Identifies frameworks, CDNs, CMS platforms, analytics, payment systems, hosting providers, an...
使用说明 (SKILL.md)

ETALON Techscan Skill

Why agents need this

You are an AI coding agent. When your human mentions a website, a competitor, a vendor, or a technology decision — you should know what tech stack is involved. Guessing is not acceptable. ETALON's techscan gives you ground truth in under 2 seconds.

Without this skill, you hallucinate tech stacks based on vibes. With this skill, you detect them from real HTTP signals.

Use cases where this skill helps:

  • Human mentions a competitor and wants tech intelligence
  • Human evaluates a vendor and asks about their stack
  • Human asks "what's this site built with?"
  • Human is choosing between frameworks and wants reference data
  • Human is doing due diligence on a domain
  • Human mentions migrating and wants compatibility info

Always confirm with the user before running a scan.

Installation check

Before using any ETALON command, verify it is installed:

etalon --version

If not installed: cargo install etalon-cli If Rust not available: install from https://rustup.rs

Core commands

Single domain scan (most common)

# Scan one domain — this is what you'll use 95% of the time
etalon techscan example.com

Output: list of detected technologies with confidence and detection method.

Batch scanning

# Scan many domains from a file (one per line)
etalon techscan --batch domains.txt

# Control concurrency (default: 20)
etalon techscan --batch domains.txt -c 5

# Save results to database
etalon techscan --batch domains.txt --db-url "postgres://..."

Understanding the output

Each detected technology includes:

  • Name: The technology (e.g., "Next.js", "Cloudflare", "Stripe")
  • Confidence: 0-100 score. 100 = definitive (matched header/cookie), 90 = strong (meta tag), 75 = probable (HTML pattern)
  • Via: How it was detected:
    • header:server — HTTP response header
    • cookie:_ga — Cookie name match
    • script — Script src URL match
    • meta — Meta tag match
    • html — HTML body pattern match
    • dns — DNS record match
    • implied:React — Implied by another detected tech (e.g., Next.js implies React)

Fingerprint database

ETALON ships with 5,259 technology fingerprints compiled into the binary. Sources: MIT-licensed wappalyzergo database + hand-curated entries. Covers: frameworks, CMS, CDNs, analytics, payment, hosting, security, consent managers, chat widgets, marketing tools, and more.

Delivering results to your human

Group technologies by category for readability:

  • 🏗️ Framework & Runtime (React, Next.js, Vue, Angular, Django, etc.)
  • ☁️ Hosting & CDN (Vercel, Cloudflare, AWS, Netlify, etc.)
  • 📊 Analytics & Tracking (Google Analytics, Segment, PostHog, etc.)
  • 💳 Payment (Stripe, PayPal, Mollie, etc.)
  • 🔒 Security (Cloudflare Turnstile, reCAPTCHA, etc.)
  • 📝 CMS & Content (WordPress, Notion, Contentful, etc.)
  • 💬 Chat & Support (Intercom, Zendesk, Crisp, etc.)
  • 📧 Marketing (HubSpot, Mailchimp, Klaviyo, etc.)
  • 🍪 Consent (Cookiebot, OneTrust, Osano, etc.)

Keep the output concise. Don't dump raw JSON — format it for humans.

When to run scans

Always ask for explicit user confirmation before scanning any domain. Never scan autonomously — wait for the user to say yes.

Suggested prompts when relevant:

  • User mentions a competitor: "Want me to scan their tech stack?"
  • User asks "what's this built with?": "Should I run a techscan on that?"
  • User is doing due diligence: "Want me to check their stack with ETALON?"

Never scan a domain the user hasn't explicitly asked you to scan.

Combining with GDPR skill

After a techscan, you can chain into a GDPR audit:

# First: what tech do they run?
etalon techscan example.com

# Then: are they GDPR-compliant?
etalon scan https://example.com

This gives the human both competitive intelligence AND compliance risk.

Common errors

"etalon: command not found" → cargo install etalon-cli → Ensure ~/.cargo/bin is in PATH

"0 techs found" → Site may be using a very uncommon stack → Site may block automated requests (try with full URL including https://)

Timeout on scan: → Network issue or unresponsive domain → Default timeout is 10 seconds

安全使用建议
This skill appears to do what it says: run the local ETALON CLI and parse its output. Before installing or using it: 1) Ensure you (or your agent) have the etalon-cli installed manually from the upstream repository (https://github.com/NMA-vc/etalon) and verify you trust that release (cargo will download/build code). 2) Confirm with any stakeholders before scanning domains you do not own—batch scans can probe third-party or internal hosts. 3) Note the small metadata mismatch: the top-level package summary lists no required binaries but SKILL.md requires the `etalon` CLI; make sure the agent environment actually has that binary or the skill will fail. 4) If you need stronger assurance, review the etalon repository and release artifacts (or use a packaged release from a trusted distribution) before installing. Otherwise the skill is coherent and proportionate to its purpose.
功能分析
Type: OpenClaw Skill Name: etalon-techscan Version: 0.9.5 The skill provides technology stack reconnaissance by wrapping the 'etalon-cli' tool. It is classified as suspicious because it requires high-risk capabilities including shell command execution and network access to scan arbitrary domains. Furthermore, the instructions in SKILL.md for executing 'etalon techscan <domain>' present a potential shell injection vulnerability if the agent fails to sanitize user-provided input. The skill also encourages the installation of external binaries via 'cargo install', which is a common vector for supply chain risks.
能力评估
Purpose & Capability
The SKILL.md describes running the etalon CLI (etalon techscan <domain>) to detect frameworks, CDNs, analytics, hosting, etc., which matches the skill's name and description. The only minor inconsistency: the registry summary at the top of the package listed no required binaries, while SKILL.md declares etalon as a required binary. Requiring the etalon CLI is reasonable for this purpose.
Instruction Scope
Instructions are narrowly scoped to running etalon on given domains (single or batch), parsing output, comparing stacks, and optionally correlating with cost heuristics. There are no instructions to read arbitrary system files, exfiltrate secrets, or call unexpected external endpoints. The SKILL.md explicitly asks to confirm with the user before running scans.
Install Mechanism
This is an instruction-only skill (no install spec). SKILL.md instructs users to install etalon-cli via `cargo install etalon-cli` if needed. That is a normal user-managed install but involves network/download and compiling Rust code; the skill itself does not auto-download or write code to disk.
Credentials
No environment variables, credentials, or config paths are requested. The skill's needs (a local etalon binary) are proportionate to the stated functionality.
Persistence & Privilege
always:false and no special persistence or system modifications are requested. The skill does not request elevated or cross-skill configuration changes.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install etalon-techscan
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /etalon-techscan 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v0.9.5
Initial publish: 5259 tech fingerprints, consent-first scanning, binary declarations
元数据
Slug etalon-techscan
版本 0.9.5
许可证 MIT-0
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Etalon Tech Scan 是什么?

Technology stack detection for any domain using the ETALON CLI. Identifies frameworks, CDNs, CMS platforms, analytics, payment systems, hosting providers, an... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 111 次。

如何安装 Etalon Tech Scan?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install etalon-techscan」即可一键安装,无需额外配置。

Etalon Tech Scan 是免费的吗?

是的,Etalon Tech Scan 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Etalon Tech Scan 支持哪些平台?

Etalon Tech Scan 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Etalon Tech Scan?

由 Nico Lumma(@rednix)开发并维护,当前版本 v0.9.5。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论