Skip to main content

osint-investigator

Facilitates deep OSINT investigations to gather and analyze publicly available information on various targets, producing structured reports.

Install this skill

or
0/100

Security score

The osint-investigator skill was audited on Mar 3, 2026 and we found 58 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 55

Curl to non-GitHub URL

SourceSKILL.md
55curl -s https://ipinfo.io/<ip>/json
medium line 56

Curl to non-GitHub URL

SourceSKILL.md
56curl -s https://ip-api.com/json/<ip>
medium line 146

Curl to non-GitHub URL

SourceSKILL.md
146curl -s "https://haveibeenpwned.com/api/v3/breachedaccount/<email>" -H "hibp-api-key: <key>"
medium line 150

Curl to non-GitHub URL

SourceSKILL.md
150curl -s "https://www.gravatar.com/<md5_hash>.json"
medium line 157

Curl to non-GitHub URL

SourceSKILL.md
157curl -s "https://phonevalidation.abstractapi.com/v1/?api_key=<key>&phone=<number>"
medium line 180

Curl to non-GitHub URL

SourceSKILL.md
180curl -s "https://archive.org/wayback/available?url=<url>"
medium line 319

Curl to non-GitHub URL

SourceSKILL.md
319curl -s "https://api.shodan.io/shodan/host/<ip>?key=$SHODAN_KEY"
medium line 320

Curl to non-GitHub URL

SourceSKILL.md
320curl -s "https://api.shodan.io/dns/resolve?hostnames=<domain>&key=$SHODAN_KEY"
medium line 325

Curl to non-GitHub URL

SourceSKILL.md
325curl -s "https://api.hunter.io/v2/domain-search?domain=<domain>&api_key=$HUNTER_KEY"
medium line 326

Curl to non-GitHub URL

SourceSKILL.md
326curl -s "https://api.hunter.io/v2/email-verifier?email=<email>&api_key=$HUNTER_KEY"
medium line 331

Curl to non-GitHub URL

SourceSKILL.md
331curl -s "https://haveibeenpwned.com/api/v3/breachedaccount/<email>" \
medium line 337

Curl to non-GitHub URL

SourceSKILL.md
337curl -s "https://maps.googleapis.com/maps/api/geocode/json?address=<address>&key=$GMAPS_KEY"
medium line 338

Curl to non-GitHub URL

SourceSKILL.md
338curl -s "https://maps.googleapis.com/maps/api/place/textsearch/json?query=<query>&key=$GMAPS_KEY"
medium line 339

Curl to non-GitHub URL

SourceSKILL.md
339curl -s "https://maps.googleapis.com/maps/api/streetview/metadata?location=<lat,lng>&key=$GMAPS_KEY"
low line 51

External URL reference

SourceSKILL.md
51Also fetch: `https://rdap.org/domain/<domain>` via `web_fetch`
low line 55

External URL reference

SourceSKILL.md
55curl -s https://ipinfo.io/<ip>/json
low line 56

External URL reference

SourceSKILL.md
56curl -s https://ip-api.com/json/<ip>
low line 58

External URL reference

SourceSKILL.md
58Also check: `https://www.shodan.io/host/<ip>` via `web_fetch`
low line 63

External URL reference

SourceSKILL.md
63- `https://twitter.com/<username>`
low line 64

External URL reference

SourceSKILL.md
64- `https://instagram.com/<username>`
low line 65

External URL reference

SourceSKILL.md
65- `https://reddit.com/user/<username>`
low line 66

External URL reference

SourceSKILL.md
66- `https://tiktok.com/@<username>`
low line 67

External URL reference

SourceSKILL.md
67- `https://youtube.com/@<username>`
low line 68

External URL reference

SourceSKILL.md
68- `https://linkedin.com/in/<username>`
low line 69

External URL reference

SourceSKILL.md
69- `https://medium.com/@<username>`
low line 70

External URL reference

SourceSKILL.md
70- `https://pinterest.com/<username>`
low line 71

External URL reference

SourceSKILL.md
71- `https://twitch.tv/<username>`
low line 72

External URL reference

SourceSKILL.md
72- `https://steamcommunity.com/id/<username>`
low line 73

External URL reference

SourceSKILL.md
73- `https://keybase.io/<username>`
low line 74

External URL reference

SourceSKILL.md
74- `https://t.me/<username>` (Telegram)
low line 92

External URL reference

SourceSKILL.md
92https://maps.googleapis.com/maps/api/geocode/json?address=<address>&key=<key>
low line 95

External URL reference

SourceSKILL.md
95https://maps.googleapis.com/maps/api/streetview/metadata?location=<lat,lng>&key=<key>
low line 104

External URL reference

SourceSKILL.md
1043. Check Gravatar: compute MD5 of likely email addresses → `https://www.gravatar.com/<md5>.json`
low line 111

External URL reference

SourceSKILL.md
111https://yandex.com/images/search?rpt=imageview&url=<image_url>
low line 112

External URL reference

SourceSKILL.md
112https://tineye.com/search?url=<image_url>
low line 115

External URL reference

SourceSKILL.md
115https://lens.google.com/uploadbyurl?url=<image_url>
low line 129

External URL reference

SourceSKILL.md
129Online tools: `web_fetch https://www.metadata2go.com` or `https://www.pic2map.com`
low line 134

External URL reference

SourceSKILL.md
134- Sun angle + shadow direction → `https://www.suncalc.org` to estimate time & location
low line 146

External URL reference

SourceSKILL.md
146curl -s "https://haveibeenpwned.com/api/v3/breachedaccount/<email>" -H "hibp-api-key: <key>"
low line 150

External URL reference

SourceSKILL.md
150curl -s "https://www.gravatar.com/<md5_hash>.json"
low line 157

External URL reference

SourceSKILL.md
157curl -s "https://phonevalidation.abstractapi.com/v1/?api_key=<key>&phone=<number>"
low line 163

External URL reference

SourceSKILL.md
163- `https://opencorporates.com/companies?q=<name>`
low line 164

External URL reference

SourceSKILL.md
164- Companies House (UK): `https://find-and-update.company-information.service.gov.uk/search?q=<name>`
low line 165

External URL reference

SourceSKILL.md
165- LinkedIn company page: `https://linkedin.com/company/<slug>`
low line 180

External URL reference

SourceSKILL.md
180curl -s "https://archive.org/wayback/available?url=<url>"
low line 181

External URL reference

SourceSKILL.md
181web_fetch "https://web.archive.org/web/*/<url>" for snapshots
low line 299

External URL reference

SourceSKILL.md
299"https://api.twitter.com/2/users/by/username/<handle>?user.fields=description,location,created_at,public_metrics"
low line 306

External URL reference

SourceSKILL.md
306"https://api.twitter.com/2/users/by/username/<handle>?user.fields=description,location,created_at,public_metrics,entities"
low line 310

External URL reference

SourceSKILL.md
310"https://api.twitter.com/2/users/<user_id>/tweets?max_results=10&tweet.fields=created_at,geo,entities"
low line 314

External URL reference

SourceSKILL.md
314"https://api.twitter.com/2/tweets/search/recent?query=<query>&max_results=10"
low line 319

External URL reference

SourceSKILL.md
319curl -s "https://api.shodan.io/shodan/host/<ip>?key=$SHODAN_KEY"
low line 320

External URL reference

SourceSKILL.md
320curl -s "https://api.shodan.io/dns/resolve?hostnames=<domain>&key=$SHODAN_KEY"
low line 325

External URL reference

SourceSKILL.md
325curl -s "https://api.hunter.io/v2/domain-search?domain=<domain>&api_key=$HUNTER_KEY"
low line 326

External URL reference

SourceSKILL.md
326curl -s "https://api.hunter.io/v2/email-verifier?email=<email>&api_key=$HUNTER_KEY"
low line 331

External URL reference

SourceSKILL.md
331curl -s "https://haveibeenpwned.com/api/v3/breachedaccount/<email>" \
low line 337

External URL reference

SourceSKILL.md
337curl -s "https://maps.googleapis.com/maps/api/geocode/json?address=<address>&key=$GMAPS_KEY"
low line 338

External URL reference

SourceSKILL.md
338curl -s "https://maps.googleapis.com/maps/api/place/textsearch/json?query=<query>&key=$GMAPS_KEY"
low line 339

External URL reference

SourceSKILL.md
339curl -s "https://maps.googleapis.com/maps/api/streetview/metadata?location=<lat,lng>&key=$GMAPS_KEY"
Scanned on Mar 3, 2026
View Security Dashboard
Installation guide →
GitHub Stars 2.2K
Rate this skill
Categoryeducation research
UpdatedApril 10, 2026
openclawapiresearcherdata-analystmarketing-analystpr-communicationsinfluencer-marketereducation researchdata analyticsmarketing
openclaw/skills