Pi-hole Skill
Control your Pi-hole DNS ad blocker via the Pi-hole v6 API.
Best use case
Pi-hole Skill is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Control your Pi-hole DNS ad blocker via the Pi-hole v6 API.
Teams using Pi-hole Skill should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/pihole/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How Pi-hole Skill Compares
| Feature / Agent | Pi-hole Skill | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Control your Pi-hole DNS ad blocker via the Pi-hole v6 API.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Pi-hole Skill
Control your Pi-hole DNS ad blocker via the Pi-hole v6 API.
## Setup
Set your Pi-hole API configuration in Clawdbot config:
```yaml
skills:
entries:
pihole:
apiUrl: "https://pi-hole.local/api" # v6 API path
apiToken: "your-app-password-here" # Get from Pi-hole Admin
insecure: false # Set to true for self-signed certs
```
Alternatively, set environment variables:
```bash
export PIHOLE_API_URL="https://pi-hole.local/api"
export PIHOLE_API_TOKEN="your-app-password-here"
export PIHOLE_INSECURE="false"
```
### Getting API Credentials
1. Open Pi-hole Admin at `http://pi-hole.local/admin`
2. Navigate to **Settings** > **API**
3. Generate an app password
4. Use that password as `apiToken`
## Capabilities
### Status
- Get current Pi-hole status (enabled/disabled)
- View stats: queries blocked, queries today, domains being blocked, active clients
- See recent query activity
### Controls
- **Enable/Disable**: Turn Pi-hole on or off
- **Disable for 5 minutes**: Temporarily disable ad blocking for a short period
- **Disable for custom duration**: Set specific disable time (in minutes)
### Block Analysis
- **Check blocked domains**: See what domains were blocked in a time window
- **Show top blocked**: Most frequently blocked domains
## Usage Examples
```
# Check Pi-hole status
"pihole status"
# Turn off ad blocking
"pihole off"
# Turn on ad blocking
"pihole on"
# Disable for 5 minutes (for a site that needs ads)
"pihole disable 5m"
# Disable for 30 minutes
"pihole disable 30"
# See what was blocked in the last 30 minutes
"pihole blocked"
# See blocked domains in last 10 minutes (600 seconds)
"pihole blocked 600"
# Show statistics
"pihole stats"
```
## API Endpoints (Pi-hole v6)
### Authentication
```
POST /api/auth
Content-Type: application/json
{"password":"your-app-password"}
Response:
{
"session": {
"sid": "session-token-here",
"validity": 1800
}
}
```
### Status
```
GET /api/dns/blocking
Headers: sid: <session-token>
Response:
{
"blocking": "enabled" | "disabled",
"timer": 30 // seconds until re-enable (if disabled with timer)
}
```
### Enable/Disable
```
POST /api/dns/blocking
Headers: sid: <session-token>
Content-Type: application/json
Enable:
{"blocking":true}
Disable:
{"blocking":false}
Disable with timer (seconds):
{"blocking":false,"timer":300}
```
### Stats
```
GET /api/stats/summary
Headers: sid: <session-token>
Response:
{
"queries": {
"total": 233512,
"blocked": 23496,
"percent_blocked": 10.06
},
"gravity": {
"domains_being_blocked": 165606
},
"clients": {
"active": 45
}
}
```
### Queries
```
GET /api/queries?start=-<seconds>
Headers: sid: <session-token>
Response:
{
"queries": [
{
"domain": "example.com",
"status": "GRAVITY",
"time": 1768363900,
"type": "A"
}
]
}
```
## v5 vs v6 API Changes
Pi-hole v6 introduced significant API changes:
| Feature | v5 API | v6 API |
|---------|----------|----------|
| Base URL | `/admin/api.php` | `/api` |
| Auth | Token in URL/headers | Session-based |
| Status | `?status` | `/api/dns/blocking` |
| Stats | `?summaryRaw` | `/api/stats/summary` |
| Queries | `?recentBlocked` | `/api/queries` |
| Whitelist | Supported via API | **Not available via API** |
**Important:** Domain whitelisting is no longer available via the v6 API. You must whitelist domains through the Pi-hole Admin UI.
## SSL Certificates
### Production (Valid Cert)
```yaml
{
"apiUrl": "https://pi-hole.example.com/api",
"apiToken": "...",
"insecure": false
}
```
### Self-Signed/Local Cert
```yaml
{
"apiUrl": "https://pi-hole.local/api",
"apiToken": "...",
"insecure": true
}
```
The `insecure` flag adds the `-k` option to curl to bypass certificate validation.
## Security Notes
- Session tokens expire after 30 minutes (1800 seconds)
- API password is sent in JSON body, not URL
- All requests have a 30-second timeout
- Token is not visible in process list (passed via environment)
## Troubleshooting
### "Failed to authenticate"
- Check that `apiToken` matches your Pi-hole app password
- Verify `apiUrl` is correct (must end in `/api`)
- Ensure Pi-hole is accessible from your network
### "Could not determine status"
- Check API URL is reachable
- If using HTTPS with self-signed cert, set `insecure: true`
- Verify API password is correct
### Network Errors
- Ensure clawdbot's machine can reach the Pi-hole
- Check firewall rules allow API access
- Verify URL scheme (http vs https)
## Requirements
- Pi-hole v6 or later
- App password generated in Pi-hole Admin
- Network access to Pi-hole API
- `curl`, `jq` (installed on most Unix systems)Related Skills
magic-wormhole
Secure secret sharing for OpenClaw using magic-wormhole protocol.
paylock
Non-custodial SOL escrow for AI agent deals.
agent-reputation
summary: Cross-platform AI agent reputation checker with trust scoring and PayLock escrow recommendations.
Telecom Agent Skill
Turn your AI Agent into a Telecom Operator. Bulk calling, ChatOps, and Field Monitoring.
OpenClaw-Finnhub
OpenClaw skill for real-time stock quote, and financials via Finnhub API.
```markdown
# OpenClaw-Last.fm
security-operator
Runtime security guardrails for OpenClaw agents.
operator-humanizer
Transform AI-generated text into authentic human writing.
kit-email-operator
**AI-powered email marketing for Kit (ConvertKit)**.
agora
Trade prediction markets on Agora — the prediction market exclusively for AI agents. Register, browse markets, trade YES/NO, create markets, earn reputation via Brier scores.
surf-check
Surf forecast decision engine.
jinko-flight-search
Search flights and discover travel destinations using the Jinko MCP server. Provides two core capabilities: (1) Destination discovery — find where to travel based on criteria like budget, climate, or activities when the user has no specific destination in mind, and (2) Specific flight search — compare flights between two known cities/airports with flexible dates, cabin classes, and budget filters. Use this skill when the user wants to: search for flights, find cheap flights, discover travel destinations, compare flight prices, plan a trip, find deals from a specific city, or explore where to go. Triggers on any flight-booking, travel-planning, or destination-discovery request. Requires the Jinko MCP server connected at https://mcp.gojinko.com.