AI Agent Skill HUB

network-scanner

Scan networks to discover devices, gather MAC addresses, vendors, and hostnames. Includes safety checks to prevent accidental scanning of public networks.

7 stars
byDemerzels-lab
View on GitHubInstallation ↓

Best use case

network-scanner is best used when you need a repeatable AI agent workflow instead of a one-off prompt.

Scan networks to discover devices, gather MAC addresses, vendors, and hostnames. Includes safety checks to prevent accidental scanning of public networks.

Teams using network-scanner should expect a more consistent output, faster repeated execution, less prompt rewriting.

When to use this skill

  • You want a reusable workflow that can be run more than once with consistent structure.

When not to use this skill

  • You only need a quick one-off answer and do not need a reusable workflow.
  • You cannot install or maintain the underlying files, dependencies, or repository context.

Installation

Claude Code / Cursor / Codex

$curl -o ~/.claude/skills/network-scanner/SKILL.md --create-dirs "https://raw.githubusercontent.com/Demerzels-lab/elsamultiskillagent/main/public/skills/florianbeer/network-scanner/SKILL.md"

Manual Installation

  1. Download SKILL.md from GitHub
  2. Place it in .claude/skills/network-scanner/SKILL.md inside your project
  3. Restart your AI agent — it will auto-discover the skill

How network-scanner Compares

Feature / Agentnetwork-scannerStandard Approach
Platform SupportNot specifiedLimited / Varies
Context Awareness High Baseline
Installation ComplexityUnknownN/A

Frequently Asked Questions

What does this skill do?

Scan networks to discover devices, gather MAC addresses, vendors, and hostnames. Includes safety checks to prevent accidental scanning of public networks.

Where can I find the source code?

You can find the source code on GitHub using the link provided at the top of the page.

SKILL.md Source

# Network Scanner

Discover and identify devices on local or remote networks using nmap. Gathers IP addresses, hostnames (via reverse DNS), MAC addresses, and vendor identification.

**Safety First:** Includes built-in protection against accidentally scanning public IP ranges or networks without proper private routing — preventing abuse reports from hosting providers.

## Requirements

- `nmap` - Network scanning (`apt install nmap` or `brew install nmap`)
- `dig` - DNS lookups (usually pre-installed)
- `sudo` access recommended for MAC address discovery

## Quick Start

```bash
# Auto-detect and scan current network
python3 scripts/scan.py

# Scan a specific CIDR
python3 scripts/scan.py 192.168.1.0/24

# Scan with custom DNS server for reverse lookups
python3 scripts/scan.py 192.168.1.0/24 --dns 192.168.1.1

# Output as JSON
python3 scripts/scan.py --json
```

## Configuration

Configure named networks in `~/.config/network-scanner/networks.json`:

```json
{
  "networks": {
    "home": {
      "cidr": "192.168.1.0/24",
      "dns": "192.168.1.1",
      "description": "Home Network"
    },
    "office": {
      "cidr": "10.0.0.0/24",
      "dns": "10.0.0.1",
      "description": "Office Network"
    }
  },
  "blocklist": [
    {
      "cidr": "10.99.0.0/24",
      "reason": "No private route from this host"
    }
  ]
}
```

Then scan by name:

```bash
python3 scripts/scan.py home
python3 scripts/scan.py office --json
```

## Safety Features

The scanner includes multiple safety checks to prevent accidental abuse:

1. **Blocklist** — Networks in the `blocklist` config array are always blocked
2. **Public IP check** — Scanning public (non-RFC1918) IP ranges is blocked
3. **Route verification** — For ad-hoc CIDRs, verifies the route uses private gateways

**Trusted networks** (configured in `networks.json`) skip route verification since you've explicitly approved them.

```bash
# Blocked - public IP range
$ python3 scripts/scan.py 8.8.8.0/24
❌ BLOCKED: Target 8.8.8.0/24 is a PUBLIC IP range

# Blocked - in blocklist  
$ python3 scripts/scan.py 10.99.0.0/24
❌ BLOCKED: 10.99.0.0/24 is blocklisted

# Allowed - configured trusted network
$ python3 scripts/scan.py home
✓ Scanning 192.168.1.0/24...
```

## Commands

```bash
# Create example config
python3 scripts/scan.py --init-config

# List configured networks
python3 scripts/scan.py --list

# Scan without sudo (may miss MAC addresses)
python3 scripts/scan.py home --no-sudo
```

## Output Formats

**Markdown (default):**
```
### Home Network
*Last scan: 2026-01-28 00:10*

| IP | Name | MAC | Vendor |
|----|------|-----|--------|
| 192.168.1.1 | router.local | AA:BB:CC:DD:EE:FF | Ubiquiti |
| 192.168.1.100 | nas.local | 11:22:33:44:55:66 | Synology |

*2 devices found*
```

**JSON (--json):**
```json
{
  "network": "Home Network",
  "cidr": "192.168.1.0/24",
  "devices": [
    {
      "ip": "192.168.1.1",
      "hostname": "router.local",
      "mac": "AA:BB:CC:DD:EE:FF",
      "vendor": "Ubiquiti"
    }
  ],
  "scanned_at": "2026-01-28T00:10:00",
  "device_count": 2
}
```

## Use Cases

- **Device inventory**: Keep track of all devices on your network
- **Security audits**: Identify unknown devices
- **Documentation**: Generate network maps for documentation
- **Automation**: Integrate with home automation to detect device presence

## Tips

- Use `sudo` for accurate MAC address detection (nmap needs privileges for ARP)
- Configure your local DNS server for better hostname resolution
- Add configured networks to skip route verification on every scan
- Add networks you can't reach privately to the blocklist to prevent accidents
- Extend `MAC_VENDORS` in the script for better device identification

Related Skills

network-ai

7
from Demerzels-lab/elsamultiskillagent

Multi-agent swarm orchestration for complex workflows.

outtake-bounty-network

7
from Demerzels-lab/elsamultiskillagent

Earn $5 USDC per verified malicious domain. Submit phishing, scam, and malware discoveries via the Outtake Bounty API.

skill-scanner

7
from Demerzels-lab/elsamultiskillagent

Scan OpenBot/Clawdbot skills for security vulnerabilities, malicious code, and suspicious patterns before installing them. Use when a user wants to audit a skill, check if a ClawHub skill is safe, scan for credential exfiltration, detect prompt injection, or review skill security. Triggers on security audit, skill safety check, malware scan, or trust verification.

agent-network

7
from Demerzels-lab/elsamultiskillagent

Multi-Agent group chat collaboration system inspired by DingTalk/Lark.

Heimdall - Security Scanner for AI Agent Skills

7
from Demerzels-lab/elsamultiskillagent

Scan OpenClaw skills for malicious patterns before installation. Context-aware scanning with AI-powered narrative analysis.

GSTD A2A Network

7
from Demerzels-lab/elsamultiskillagent

Decentralized Agent-to-Agent Autonomous Economy. Connects hardware and agents for distributed compute, hive memory access, and economic settlement.

ultimate-fork-and-skill-scanner

7
from Demerzels-lab/elsamultiskillagent

Scan GitHub forks and ClawHub skills for valuable changes, innovations, and enhancements.

fork-and-skill-scanner-ultimate

7
from Demerzels-lab/elsamultiskillagent

Scan 1,000 GitHub forks per run.

dns-networking

7
from Demerzels-lab/elsamultiskillagent

Debug DNS resolution and network connectivity. Use when troubleshooting DNS failures, testing port connectivity, diagnosing firewall rules, inspecting HTTP requests with curl verbose mode, configuring /etc/hosts, or debugging proxy and certificate issues.

check-network

7
from Demerzels-lab/elsamultiskillagent

check network

security-scanner

7
from Demerzels-lab/elsamultiskillagent

Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure.

security-skill-scanner

7
from Demerzels-lab/elsamultiskillagent

Security scanner for ClawdHub skills - detects suspicious patterns, manages whitelists, and monitors Moltbook for security threats.