← 返回 Skills 市场

HomeNetworkSecurityAgent

Name: HomeNetworkSecurityAgent
Author: assix

作者 Anthony Assi · GitHub ↗ · v1.0.0 · MIT-0

cross-platform ⚠ suspicious

总下载

当前安装

版本数

在 OpenClaw 中安装

/install home-network-security-agent

功能描述

Audits local network infrastructure, identifies active hosts, and scans the gateway/public IP for exposed ports and vulnerabilities.

使用说明 (SKILL.md)

HomeNetworkSecurityAgent

This agent performs internal and external security audits of your home network environment. It utilizes nmap to discover devices and footprint exposed services.

Setup

Ensure nmap is installed on the host system:

sudo apt install nmap

User Instructions

"Scan my local network and tell me what devices are online."
"Find my public IP and gateway, then check if my gateway management ports (like 8443, 443) or DNS resolvers (like port 53) are exposed to the outside."
"Run a deep vulnerability scan on my router to see if it needs a firmware update."

Tools

`get_network_topology`

Retrieves the default gateway IP and the external public IP address of the network.

Inputs: None
Call: python3 scanner.py --tool get_network_topology

`discover_lan_hosts`

Performs a ping sweep on the local subnet to identify all connected physical and IoT devices.

Inputs: gateway_ip (string)
Call: python3 scanner.py --tool discover_lan_hosts --target {{gateway_ip}}

`scan_ports_and_vulns`

Runs a service detection scan against a target IP (local or public) to list open ports and identify potential misconfigurations.

Inputs: ip_address (string), scan_type (string: "fast" or "deep")
Call: python3 scanner.py --tool scan_ports_and_vulns --target {{ip_address}} --type {{scan_type}}

安全使用建议

This skill appears to do what it says (local and gateway scanning) but has some risky implementation details. Before installing: (1) only run this on networks and devices you own or have explicit permission to scan—deep scans can be disruptive or violate terms of service; (2) be aware the script blindly converts the gateway IP to a /24 subnet and may scan public addresses if your gateway IP is not a private LAN address; (3) the script fetches your public IP from ifconfig.me (an external third-party service) — if you prefer, replace or remove that call; (4) ensure python3, nmap, and ip are installed and that the Python 'requests' package is available; (5) prefer manual/user-invoked runs (do not allow autonomous invocation) and consider running the script from an isolated machine or VM first to observe behavior. If you want higher assurance, request the author add explicit checks to confirm the gateway is a private RFC1918 address, require user confirmation before deep scans, and declare Python dependencies.

功能分析

Type: OpenClaw Skill Name: home-network-security-agent Version: 1.0.0 The HomeNetworkSecurityAgent bundle provides legitimate network auditing functionality as described in its documentation. The 'scanner.py' script utilizes 'nmap' for local host discovery and port scanning, and uses the well-known 'ifconfig.me' service to retrieve the public IP address. The code follows security best practices by using list-based arguments in 'subprocess.run' to prevent shell injection and contains no evidence of data exfiltration, persistence, or malicious intent.

能力评估

✓ Purpose & Capability

The name, description, declared required binaries (python3, nmap, ip), and included code all align with a home-network scanning purpose. The included scanner.py implements gateway discovery, LAN ping sweeps, and nmap port/vulnerability scans, which are expected for this skill.

⚠ Instruction Scope

Instructions and the code stay within network-scanning tasks, but the implementation has unsafe/naive behavior: it infers a /24 subnet from the gateway IP without verifying it's a private/local address, which can cause scans of public/third-party address ranges. The script also makes an external HTTP call to ifconfig.me to fetch the public IP (expected, but notable). There are no safeguards, confirmations, or rate limits for deep scans (-p-), which can be disruptive and potentially legally sensitive if used on addresses you do not own.

✓ Install Mechanism

This is instruction-only with a bundled Python script and no install spec — nothing is downloaded or installed by the registry. That is the lowest-risk install model. Note: the script uses the Python 'requests' module but the skill does not declare Python dependencies; this may cause runtime failures but not a direct security issue.

ℹ Credentials

The skill requests no environment variables or credentials (proportionate). It does perform network I/O (nmap scans, ip route, and an HTTP request to ifconfig.me). Network access is expected for this purpose, but the external call and ability to scan arbitrary targets should be understood and limited to networks you control.

✓ Persistence & Privilege

The skill does not request persistent privileges (always:false) and does not modify other skills or system-wide configuration. It requires only runtime invocation and standard binaries.

如何使用

确保已安装 OpenClaw（本地或 Docker 部署）
在对话框中输入安装命令：/install home-network-security-agent
安装完成后，直接呼叫该 Skill 的名称或使用 /home-network-security-agent 触发
根据 Skill 的参数说明提供必要输入，即可获得结构化输出

版本历史

v1.0.0

Initial release of HomeNetworkSecurityAgent. - Audits internal and external network security. - Discovers active devices on the local network. - Scans gateway/public IP for open ports and vulnerabilities. - Provides tools for network topology identification, LAN host discovery, and port/vulnerability scanning. - Requires python3, nmap, and ip binaries on host system.

元数据

Slug home-network-security-agent

版本 1.0.0

许可证 MIT-0

累计安装 0

当前安装数 0

历史版本数 1

常见问题