sbmilburn

nmap MCP server for AI-assisted network security auditing

Author: Shane Milburn · GitHub · v1.0.0
cross-platform ✓ Security check passed
Total downloads: 415
Favorites: 1
Current installs: 3
Versions: 1
Install in OpenClaw
/install nmap-mcp
Description
Network scanning MCP server wrapping nmap. Provides 14 purpose-built tools for host discovery, port scanning (SYN/TCP/UDP), service & OS detection, NSE scrip...
Security usage recommendations
This skill is coherent with its stated purpose (an nmap MCP wrapper) and includes sensible safeguards (CIDR allowlist, target validation, audit logging, injection guards). Before installing:
  1. Confirm you actually want an on-host nmap service (it will execute nmap subprocesses and write scan results/audit logs to disk).
  2. Review and tighten config.yaml allowed_cidrs to your precise scope — do not leave broad RFC1918 ranges enabled in shared environments.
  3. Understand the host change required: granting cap_net_raw to the nmap binary (setcap) is necessary for SYN/ARP/OS scans and should be applied only if you trust this code and the environment.
  4. Protect the scan and audit directories (they may contain sensitive host/service info).
  5. Note the metadata mismatch (registry says no required binaries / instruction-only while the code requires nmap and Python packages) — installation is manual.
If you want stronger assurance, run the bundled tests locally (they exercise scope enforcement, logging, persistence, and injection guards) and audit server.py end-to-end for any remaining truncated functions before deploying on production hosts.
Functional analysis
Type: OpenClaw Skill
Name: nmap-mcp
Version: 1.0.0
The nmap-mcp skill bundle is a robust and well-documented MCP server for network auditing. It features 14 specialized tools with built-in security controls, including CIDR scope enforcement, audit logging, and protection against shell injection and path traversal. While a minor vulnerability exists in the regex used to filter dangerous nmap flags in the custom scan tool (potentially allowing script paths if using an equals sign), the inclusion of a comprehensive test suite (tests/test_nmap_mcp.py) and clear focus on responsible security auditing indicate the bundle is benign and professionally developed.
Capability assessment
Purpose & Capability
The skill is an nmap MCP server and the included server.py, tests, README, and SKILL.md implement that functionality (scope enforcement, audit logging, scan persistence, and structured JSON output). Minor metadata mismatch: registry lists 'required binaries: none' and 'instruction-only', but the SKILL.md and code clearly require nmap and Python packages (fastmcp, python-nmap, pyyaml). This is explainable (install left to the user) but worth noting.
Instruction Scope
SKILL.md and server.py limit actions to scanning with nmap, scope checks, logging, and persistence. Instructions explicitly require configuring allowed CIDRs and warn about granting cap_net_raw only to nmap. The code includes input validation, hostname resolution with 'fail closed' behavior, and an injection guard for custom flags. No instructions or code paths were found that read unrelated system secrets or exfiltrate data to external endpoints.
Install Mechanism
No install spec is provided (skill is treated as instruction-only), which is lower risk but means the user must run pip install and configure mcporter/clawhub manually. The README and SKILL.md instruct pip install of dependencies and setcap on nmap; dependencies come from PyPI (requirements.txt). No unusual download URLs or archive extraction are used.
Credentials
The skill does not request credentials or sensitive environment variables. It uses a single optional NMAP_CONFIG env var to point to config.yaml (documented). It persists scans and audit logs to local disk as expected for this tool; these files will contain scan outputs and should be protected accordingly.
Persistence & Privilege
The skill persists scan results and an audit log to disk (SCAN_DIR and AUDIT_LOG) and therefore requires filesystem write access to its working directory. It also requires granting cap_net_raw capability to the nmap binary for SYN/OS/ARP scans — a privileged operation that the README documents and justifies, but which increases host attack surface if misused. 'always' is false and autonomous invocation is allowed (platform default).
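How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install nmap-mcp
  3. Once installation completes, invoke the Skill by name or trigger it with /nmap-mcp
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history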
v1.0.0
Initial public release — 14 nmap tools with structured JSON output, scope enforcement, audit logging, and injection hardening
Metadata
Slug nmap-mcp
Version 1.0.0
License
Total installs 3
Current installs 3
Version count 1
FAQ

What is nmap MCP server for AI-assisted network security auditing?

Network scanning MCP server wrapping nmap. Provides 14 purpose-built tools for host discovery, port scanning (SYN/TCP/UDP), service & OS detection, NSE scrip... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 415 total downloads to date.

How do I install nmap MCP server for AI-assisted network security auditing?

Run the command "/install nmap-mcp" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is required.

Is nmap MCP server for AI-assisted network security auditing free?

Yes, nmap MCP server for AI-assisted network security auditing is completely free (open source and free of charge) and can be freely downloaded, installed, and used.

Which platforms does nmap MCP server for AI-assisted network security auditing support?

nmap MCP server for AI-assisted network security auditing runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed nmap MCP server for AI-assisted network security auditing?

Developed and maintained by Shane Milburn (@sbmilburn); the current version is v1.0.0.
