Shodan Reconnaissance and Pentesting

Guides users in leveraging Shodan for reconnaissance and pentesting, identifying exposed devices and vulnerabilities effectively.

Install this skill

81/100

Security score

The Shodan Reconnaissance and Pentesting skill was audited on Feb 28, 2026 and we found 7 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 266

Curl to non-GitHub URL

SourceSKILL.md

266	curl -s "https://api.shodan.io/api-info?key=YOUR_KEY" \| jq

medium line 269

Curl to non-GitHub URL

SourceSKILL.md

269	curl -s "https://api.shodan.io/shodan/host/1.1.1.1?key=YOUR_KEY" \| jq

medium line 272

Curl to non-GitHub URL

SourceSKILL.md

272	curl -s "https://api.shodan.io/shodan/host/search?key=YOUR_KEY&query=apache" \| jq

low line 256

Webhook reference - potential data exfiltration

SourceSKILL.md

256	3. Configure notification service (email, Slack, webhook)

low line 266

External URL reference

SourceSKILL.md

266	curl -s "https://api.shodan.io/api-info?key=YOUR_KEY" \| jq

low line 269

External URL reference

SourceSKILL.md

269	curl -s "https://api.shodan.io/shodan/host/1.1.1.1?key=YOUR_KEY" \| jq

low line 272

External URL reference

SourceSKILL.md

272	curl -s "https://api.shodan.io/shodan/host/search?key=YOUR_KEY&query=apache" \| jq

Scanned on Feb 28, 2026

View Security Dashboard

Installation guide →

GitHub Stars 508

Rating

5.01

Rate this skill

Categorydevelopment

UpdatedApril 25, 2026

openclaw api security-engineer data-analyst development data analytics

Dicklesworthstone/pi_agent_rust