Network Scanner
Author: Florian Beer · v1.1.0
Total downloads: 5339
Favorites: 0
Current installs: 36
Versions: 2
Install in OpenClaw
/install network-scanner
Description
Scan networks to discover devices, gather MAC addresses, vendors, and hostnames. Includes safety checks to prevent accidental scanning of public networks.
Safe usage advice
Review before installing. Use only on networks you own or are authorized to scan, avoid untrusted network names, CIDRs, DNS values, and config files, and prefer --no-sudo unless MAC discovery is required. The publisher should replace shell=True command strings with argument-list subprocess calls and validate CIDR/DNS/config inputs before this is treated as low risk.
Functional analysis
Type: OpenClaw Skill
Name: network-scanner
Version: 1.1.0
The skill is classified as suspicious due to a command injection vulnerability in `scripts/scan.py`. The `subprocess.run` function is used with `shell=True` to execute `dig` commands, and the `--dns` argument (user-controlled input) is directly interpolated into the shell command string without proper sanitization. This allows an attacker to inject arbitrary shell commands by providing a crafted DNS server value (e.g., `--dns '8.8.8.8; rm -rf /'`). While the skill includes safety features to prevent accidental public network scanning, this specific vulnerability poses a significant risk for arbitrary code execution.
Capability assessment
Purpose & Capability
The stated purpose and behavior are coherent: it uses nmap and dig to discover hosts, hostnames, MAC addresses, and vendors on selected networks. That network inventory is sensitive, but expected for this tool.
Instruction Scope
scripts/scan.py uses subprocess.run(..., shell=True) through run_cmd and interpolates user/config-controlled values into commands, including --dns, configured cidr values, and scan targets. This creates a concrete command-injection risk outside the intended scan workflow.
Install Mechanism
No installer, remote bootstrap, or package-install script is present. The skill discloses its dependency on local nmap and dig binaries.
Credentials
Active network scanning and reverse DNS lookups are proportionate to the stated purpose, and the skill includes public-range, blocklist, and route-safety checks. Users still need authorization for scanned networks.
Persistence & Privilege
The skill can create a local config file under ~/.config/network-scanner and recommends sudo for MAC discovery, but there is no evidence of background persistence, hidden services, credential theft, or external exfiltration.
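How to use
- Make sure OpenClaw is installed (local or Docker deployment)
- Enter the install command in the chat box: /install network-scanner
- Once installation completes, call the Skill by name or use /network-scanner to trigger it
- Provide the required input according to the Skill's parameter description to get structured output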
Version history
v1.1.0
Added homepage metadata, improved safety documentation, enhanced blocklist config format
v1.0.0
Initial release of network-scanner.
- Scan local or custom networks to discover devices, MAC addresses, vendors, and hostnames.
- Supports scanning by configured network names or direct CIDR input.
- Outputs results in Markdown (default) or JSON format.
- Provides example configuration, network listing, and custom DNS options.
- Requires nmap and dig; sudo recommended for full MAC address visibility.
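FAQ
What is Network Scanner?
Scan networks to discover devices, gather MAC addresses, vendors, and hostnames. Includes safety checks to prevent accidental scanning of public networks. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 5339 cumulative downloads so far.
How do I install Network Scanner?
Run the command "/install network-scanner" in the OpenClaw or Claude Code chat box to install it in one step; no additional configuration is needed.
Is Network Scanner free?
Yes, Network Scanner is completely free (open source and free) and can be freely downloaded, installed and used.
Which platforms does Network Scanner support?
Network Scanner is cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed.
Who developed Network Scanner?
It is developed and maintained by Florian Beer (@florianbeer); the current version is v1.1.0.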