Klaus IOC Scanner — 技能工具
v1.0.0Analisa URLs, domínios e IPs para verificar reputação e detectar malware ou phishing usando VirusTotal e AbuseIPDB.
0· 258·0 当前·0 累计
by 安全扫描
OpenClaw
安全
high confidenceThe skill's code, runtime instructions, and requested credentials are consistent with a VirusTotal/AbuseIPDB IOC scanner; nothing in the package indicates hidden exfiltration or unrelated privileges, though there are minor mismatches and missing dependency declarations you should review before use.
评估建议
This skill appears to do what it says: query VirusTotal and AbuseIPDB for URLs/domains/IPs. Before installing: (1) review the included src/ioc_scan.py yourself (or run it in an isolated environment) to confirm behavior; (2) only provide dedicated API keys for VirusTotal and AbuseIPDB (create keys you can revoke and monitor) because submitted IOCs will be visible to those services; (3) note the package does not declare the Python 'requests' dependency — ensure your environment has it; (4) the met...详细分析 ▾
✓ 用途与能力
Name/description claim scanning IOCs via VirusTotal and AbuseIPDB and the package indeed queries those services and asks for their API keys. One minor mismatch: SKILL metadata lists curl as a required binary, but the Python code uses the requests library and does not call curl.
✓ 指令范围
SKILL.md instructs providing VIRUSTOTAL_API_KEY and ABUSEIPDB_API_KEY and running the included Python script; the instructions and code limit network calls to VirusTotal (v2 endpoints) and AbuseIPDB. The skill extracts IOCs from supplied text and does not reference unrelated system files or other environment variables. Note: SKILL.md's declared required bin ('curl') is not actually invoked by the code.
ℹ 安装机制
There is no install spec (instruction-only), which minimizes installation risks. However, the bundle includes a Python script that imports requests but the package does not declare or install that dependency; runtime will fail if requests is not present. No external downloads or obscure endpoints are used.
✓ 凭证需求
The skill requires exactly two API keys (VirusTotal and AbuseIPDB) which are necessary for its stated functionality. No other credentials, system config paths, or unrelated secrets are requested.
✓ 持久化与权限
The skill is not forced always-on (always:false) and does not request elevated or system-wide persistence. It does not modify other skills or global agent settings in the provided files.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/3/5
Initial release of klaus-ioc-scan. - Scans URLs, domains, and IPs (IOCs) for reputation and malware/phishing detections using VirusTotal and AbuseIPDB. - Accepts input via user triggers (scan, reputação, "é malicioso?", etc.) and command-line interface. - Requires API keys for VirusTotal and AbuseIPDB. - Returns summary verdict, quick results table, detailed IOC report, and actionable recommendations.
● 无害
安装命令 点击复制
官方npx clawhub@latest install klaus-ioc-scan
镜像加速npx clawhub@latest install klaus-ioc-scan --registry https://cn.clawhub-mirror.com
技能文档
用户未提供 SKILL.md 文档内容。
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制