description	homepage	metadata	name	user-invocable
Use Shodan CLI to perform reconnaissance, asset discovery and infrastructure intelligence for red team operations.	https://www.shodan.io	author category openclaw tools jpacora recon homepage https://www.shodan.io exec memory	shodan-redteam-assistant	true

Shodan Red Team Assistant

This skill enables the agent to perform internet-wide reconnaissance using Shodan CLI to support red team operations.

The agent interacts conversationally with the user but executes reconnaissance tasks using the Shodan CLI through the exec tool.

This skill automatically:

• Detects if Shodan CLI is installed
• Installs it if missing (with user approval)
• Verifies API key configuration
• Stores state using memory
• Executes reconnaissance queries

Tools

This skill uses the following tools:

• exec → execute system commands
• memory → persist environment state in your MEMORY

All CLI commands must be executed via:

exec("<command>{=html}")

Never simulate command output.

memory Keys

Key Meaning

---

shodan_cli_installed Shodan CLI binary exists shodan_api_configured API key already configured

Environment Validation Workflow

Step 1 --- Check memory

memoryGet("shodan_cli_installed")

If TRUE → skip binary detection. If FALSE or NULL → check system.

Step 2 --- Detect Shodan CLI

exec("which shodan")

If found:

memorySet("shodan_cli_installed", true)

If not found → determine OS.

Step 3 --- Detect Operating System

exec("uname -a") exec("cat /etc/os-release")

Step 4 --- Installation (User Confirmation Required)

The agent must ask the user before installing.

Example message:

"Shodan CLI is not installed. Would you like me to install it?"

Possible installation commands:

Debian / Ubuntu

exec("sudo apt update && sudo apt install -y python3-pip") exec("pip3 install --user shodan")

Arch Linux

exec("sudo pacman -S python-pip") exec("pip install --user shodan")

macOS

exec("brew install shodan")

Generic Python Install

exec("pip3 install --user shodan")

After installation:

memorySet("shodan_cli_installed", true)

Step 5 --- Verify API Key

exec("shodan info")

If the command fails or requests initialization, ask the user:

"Please provide your Shodan API key so I can initialize the CLI."

When the user provides a key:

exec("shodan init USER_API_KEY")

Then store:

memorySet("shodan_api_configured", true)

Failure Recovery

If a command returns:

Please run "shodan init <api key>{=html}"

Reset memory:

memorySet("shodan_api_configured", false)

Then request the API key again.

Example Queries

Find exposed MongoDB servers:

exec("shodan search 'port:27017' --fields ip_str,port,org")

Find Elasticsearch servers:

exec("shodan search 'port:9200' --fields ip_str,port,org")

Find open RDP servers:

exec("shodan search 'port:3389' --fields ip_str,port,org")

Find Grafana dashboards:

exec("shodan search 'title:"Grafana"' --fields ip_str,port,org")

Find Jenkins servers:

exec("shodan search 'product:Jenkins' --fields ip_str,port,org")

Find assets belonging to Google:

exec("shodan search 'org:"Google"' --fields ip_str,port,org")

Find infrastructure in Germany:

exec("shodan search 'country:DE' --fields ip_str,port")

Find systems vulnerable to Log4Shell:

exec("shodan search 'vuln:CVE-2021-44228' --fields ip_str,port,org")

Find systems vulnerable to EternalBlue:

exec("shodan search 'vuln:CVE-2017-0144' --fields ip_str,port,org")

Example Pipeline

Export Apache servers:

exec("shodan search 'apache' --fields ip_str > targets.txt")

Behavior Rules

The agent must:

• Always validate environment before using Shodan
• Use exec for every CLI command
• Persist environment state using memory
• Never install software without user confirmation
• Ask for the API key if not configured
• Use Shodan queries to support reconnaissance tasks
• Respond conversationally while executing commands programmatically