Lan Scanner
Discover devices and scan ports on your local network using nmap with security-first defaults.
Why use this skill?
Discover devices and audit open ports on your local network using this secure nmap-based agent skill. Identify security risks in minutes.
Install via CLI (Recommended)
clawhub install openclaw/skills/skills/sa9saq/lan-scannerWhat This Skill Does
The Lan Scanner skill is a robust, security-conscious utility designed to map local network topologies and identify potential vulnerabilities. By leveraging the industry-standard nmap tool, it allows users to discover connected devices, identify open ports, and conduct service-level reconnaissance. This skill is engineered with "security-first" defaults, ensuring that scanning operations are restricted to private IP ranges and preventing accidental scanning of public infrastructure. It provides actionable intelligence by parsing scan results into a clean, human-readable format that highlights critical risks such as insecure protocols (e.g., Telnet, unencrypted HTTP) and exposed management interfaces.
Installation
To integrate this skill into your OpenClaw environment, ensure that nmap is present on your system. On Debian/Ubuntu-based distributions, run sudo apt install nmap. On macOS, use brew install nmap. Once verified, execute the following command in your terminal: clawhub install openclaw/skills/skills/sa9saq/lan-scanner. No API keys or external services are required, as the skill operates entirely locally.
Use Cases
- Security Auditing: Rapidly identify devices on your home or office network that may have insecure services exposed.
- Network Troubleshooting: Verify device connectivity or identify which IP addresses are assigned to specific hardware when standard DHCP lists are unavailable.
- Inventory Management: Generate an overview of your local network assets for documentation or security hardening purposes.
- Vulnerability Assessment: Conduct proactive service detection to ensure that critical vulnerabilities aren't exposed to the internal network.
Example Prompts
- "Scan my local network and tell me which devices are active and what services they are running."
- "I think there's a rogue device on my Wi-Fi, can you run a quick scan and list all connected devices and their open ports?"
- "Run a vulnerability scan on 192.168.1.5 and check if there are any insecure ports open that I should close."
Tips & Limitations
- Target Validation: Always define your subnet clearly. The skill is hard-coded to reject public IPs to ensure ethical usage.
- Permissions: Some features, such as OS detection, require root privileges via
sudo. However, basic discovery and port scanning can be performed without administrative access. - Subnet Size: Avoid scanning subnets larger than /24 to maintain performance. If scanning a /16 or /8 network, expect long execution times.
- Firewalls: Many modern operating systems block ICMP packets (ping). If a device fails to appear, consider using the
-Pnflag to force port discovery, but be aware this significantly increases scan duration.
Metadata
Not sure this is the right skill?
Describe what you want to build — we'll match you to the best skill from 16,000+ options.
Find the right skillPaste this into your clawhub.json to enable this plugin.
{
"plugins": {
"official-sa9saq-lan-scanner": {
"enabled": true,
"auto_update": true
}
}
}Tags(AI)
Flags: network-access, code-execution
Related Skills
threat-model
Threat modeling and attack scenario design. Identify risks before they become vulnerabilities. STRIDE, attack trees, risk matrix.
Sns Auto Poster
Schedule and automate social media posts to X/Twitter with cron-based queue management.
security-review
Comprehensive security review for code, configs, and operations. OWASP, prompt injection, crypto security. Auto-triggers on security-related changes.
Process Monitor
Monitor system processes, identify top CPU/memory consumers, and alert on resource thresholds.
Readme Generator
Auto-generate comprehensive README.md files by analyzing project structure and configuration.