← 返回 Skills 市场
IP Threat Check
作者
freeter226
· GitHub ↗
· v1.0.0
· MIT-0
135
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install ip-threat-check
功能描述
Check IP address threat intelligence. Query multiple sources for IP reputation, geolocation, and threat scores.
使用说明 (SKILL.md)
IP Threat Check
Check IP address threat intelligence from multiple sources.
Features
- Multi-source Query - Query multiple threat intelligence sources
- Geolocation - Get IP geolocation info
- Threat Score - Check abuse/threat scores
- History - View recent abuse reports
- Bulk Check - Check multiple IPs at once
Usage
python3 skills/ip-threat-check/scripts/ip_threat.py \x3Caction> [options]
Actions
| Action | Description |
|---|---|
check |
Check single IP address |
bulk |
Check multiple IPs |
info |
Get basic IP info (no API key needed) |
Options
| Option | Type | Default | Description |
|---|---|---|---|
--ip |
string | - | IP address to check |
--file |
string | - | File with IPs (one per line) |
--source |
string | all | Source (all, abuseipdb, ipapi) |
--days |
int | 30 | Days of history to check |
Data Sources
| Source | API Key | Info Provided |
|---|---|---|
| ip-api.com | ❌ Free | Geolocation, ISP |
| AbuseIPDB | ✅ Required | Threat score, reports |
| VirusTotal | ✅ Optional | Additional threat info |
Examples
# Basic IP info (no API key)
python3 skills/ip-threat-check/scripts/ip_threat.py info --ip 8.8.8.8
# Full threat check (requires API key)
python3 skills/ip-threat-check/scripts/ip_threat.py check --ip 192.168.1.1
# Bulk check
python3 skills/ip-threat-check/scripts/ip_threat.py bulk --file ips.txt
Environment Variables
| Variable | Required | Description |
|---|---|---|
ABUSEIPDB_API_KEY |
Optional | AbuseIPDB API key |
Output Example
{
"success": true,
"ip": "8.8.8.8",
"geolocation": {
"country": "United States",
"city": "Mountain View",
"isp": "Google LLC"
},
"threat": {
"score": 0,
"reports": 0,
"risk": "low"
}
}
Use Cases
- Security Analysis - Check suspicious IPs
- Log Analysis - Enrich log data with threat info
- Incident Response - Quick IP reputation check
- Threat Hunting - Identify malicious IPs
Current Status
In development.
安全使用建议
This skill appears to do what it says: run the included Python script to query ip-api.com (free) and AbuseIPDB (if you set ABUSEIPDB_API_KEY). Before installing, consider: (1) providing an AbuseIPDB key will send queried IPs to that third party — do not submit private/internal addresses you don't want disclosed; (2) the metadata/README disagree about whether the key is required — the script will simply skip AbuseIPDB if no key is present; (3) SKILL.md mentions VirusTotal but the script does not use it; (4) outbound HTTP(S) calls will be made to ip-api.com and api.abuseipdb.com and may be rate-limited. If you need the skill to use additional sources (e.g., VirusTotal) or to avoid sending certain IP ranges, review/modify the included script before use.
功能分析
Type: OpenClaw Skill
Name: ip-threat-check
Version: 1.0.0
The skill is a legitimate tool for querying IP threat intelligence and geolocation data from ip-api.com and AbuseIPDB. The core logic in `scripts/ip_threat.py` uses standard Python libraries (urllib) to perform API requests and lacks any indicators of malicious intent, such as data exfiltration, unauthorized execution, or prompt injection.
能力评估
Purpose & Capability
Name/description (IP threat checks) align with required binaries (python3), the single environment variable (ABUSEIPDB_API_KEY) and the included script. The script queries ip-api.com and AbuseIPDB, which is coherent with the stated purpose.
Instruction Scope
Runtime instructions are scoped to running the included Python script and supplying an IP or file of IPs. The script performs only network queries to ip-api.com and api.abuseipdb.com and reads a user-provided file for bulk mode. Minor issues: SKILL.md mentions VirusTotal as an optional source but the included script does not call VirusTotal; SKILL.md metadata lists ABUSEIPDB_API_KEY as required while the script treats it as optional (skips AbuseIPDB if not set).
Install Mechanism
There is no install spec (instruction-only with an included script). No external packages are downloaded or executed during install; the only runtime requirement is python3 which is reasonable for a Python script.
Credentials
Only ABUSEIPDB_API_KEY is referenced. This is proportionate to accessing AbuseIPDB. However, registry/metadata and SKILL.md differ about whether that variable is required or optional; the code treats it as optional. No other credentials or unrelated secrets are requested.
Persistence & Privilege
The skill does not request persistent or elevated privileges, does not set always:true, and does not modify other skills or system configuration. It runs only when invoked.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install ip-threat-check - 安装完成后,直接呼叫该 Skill 的名称或使用
/ip-threat-check触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
首个版本:支持 IP 地理位置查询、威胁情报查询、批量检查
元数据
常见问题
IP Threat Check 是什么?
Check IP address threat intelligence. Query multiple sources for IP reputation, geolocation, and threat scores. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 135 次。
如何安装 IP Threat Check?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install ip-threat-check」即可一键安装,无需额外配置。
IP Threat Check 是免费的吗?
是的,IP Threat Check 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
IP Threat Check 支持哪些平台?
IP Threat Check 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 IP Threat Check?
由 freeter226(@freeter226)开发并维护,当前版本 v1.0.0。
推荐 Skills