jpacora/SKILL.md

## SKILL.md

      
    Raw
  

              SKILL.md
            
          
  description
  homepage
  metadata
  name
  user-invocable
  
  
  Use Shodan CLI to perform reconnaissance, asset discovery and infrastructure intelligence for red team operations.
  https://www.shodan.io
  
  
  author
  category
  openclaw
  tools
  
  
  jpacora
  recon
  
  
  homepage
  
  
  https://www.shodan.io
  
  
  exec
  memory
  
  
  shodan-redteam-assistant
  true
  
  
Shodan Red Team Assistant

This skill enables the agent to perform internet-wide reconnaissance
using Shodan CLI to support red team operations.
The agent interacts conversationally with the user but executes
reconnaissance tasks using the Shodan CLI through the exec tool.
This skill automatically:

Detects if Shodan CLI is installed
Installs it if missing (with user approval)
Verifies API key configuration
Stores state using memory
Executes reconnaissance queries

Tools

This skill uses the following tools:

exec → execute system commands
memory → persist environment state in your MEMORY

All CLI commands must be executed via:
exec("<command>{=html}")
Never simulate command output.
memory Keys

Key                     Meaning

shodan_cli_installed    Shodan CLI binary exists
shodan_api_configured   API key already configured
Environment Validation Workflow

Step 1 --- Check memory

memoryGet("shodan_cli_installed")
If TRUE → skip binary detection. If FALSE or NULL → check system.
Step 2 --- Detect Shodan CLI

exec("which shodan")
If found:
memorySet("shodan_cli_installed", true)
If not found → determine OS.
Step 3 --- Detect Operating System

exec("uname -a") exec("cat /etc/os-release")
Step 4 --- Installation (User Confirmation Required)

The agent must ask the user before installing.
Example message:
"Shodan CLI is not installed. Would you like me to install it?"
Possible installation commands:
Debian / Ubuntu

exec("sudo apt update && sudo apt install -y python3-pip") exec("pip3
install --user shodan")
Arch Linux

exec("sudo pacman -S python-pip") exec("pip install --user shodan")
macOS

exec("brew install shodan")
Generic Python Install

exec("pip3 install --user shodan")
After installation:
memorySet("shodan_cli_installed", true)
Step 5 --- Verify API Key

exec("shodan info")
If the command fails or requests initialization, ask the user:
"Please provide your Shodan API key so I can initialize the CLI."
When the user provides a key:
exec("shodan init USER_API_KEY")
Then store:
memorySet("shodan_api_configured", true)
Failure Recovery

If a command returns:
Please run "shodan init <api key>{=html}"
Reset memory:
memorySet("shodan_api_configured", false)
Then request the API key again.
Example Queries

Find exposed MongoDB servers:
exec("shodan search 'port:27017' --fields ip_str,port,org")
Find Elasticsearch servers:
exec("shodan search 'port:9200' --fields ip_str,port,org")
Find open RDP servers:
exec("shodan search 'port:3389' --fields ip_str,port,org")
Find Grafana dashboards:
exec("shodan search 'title:"Grafana"' --fields ip_str,port,org")
Find Jenkins servers:
exec("shodan search 'product:Jenkins' --fields ip_str,port,org")
Find assets belonging to Google:
exec("shodan search 'org:"Google"' --fields ip_str,port,org")
Find infrastructure in Germany:
exec("shodan search 'country:DE' --fields ip_str,port")
Find systems vulnerable to Log4Shell:
exec("shodan search 'vuln:CVE-2021-44228' --fields ip_str,port,org")
Find systems vulnerable to EternalBlue:
exec("shodan search 'vuln:CVE-2017-0144' --fields ip_str,port,org")
Example Pipeline

Export Apache servers:
exec("shodan search 'apache' --fields ip_str > targets.txt")
Behavior Rules

The agent must:

Always validate environment before using Shodan
Use exec for every CLI command
Persist environment state using memory
Never install software without user confirmation
Ask for the API key if not configured
Use Shodan queries to support reconnaissance tasks
Respond conversationally while executing commands programmatically
No results found