mirrors/hermes-agent
1
0
Fork 0
mirror of https://github.com/NousResearch/hermes-agent.git synced 2026-05-13 03:52:00 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
hermes-agent/optional-skills/research/domain-intel/SKILL.md
Teknium db22efbe88 feat(optional-skills): declare platforms frontmatter for all 63 undeclared skills 
Extends the Windows-gating work to the optional-skills/ tree. Every
SKILL.md that previously omitted the platforms: field now carries an
explicit declaration, which Hermes's loader (agent.skill_utils.
skill_matches_platform) honors to skip-load on incompatible OSes.

58 skills declared cross-platform (platforms: [linux, macos, windows]):
  autonomous-ai-agents/blackbox, autonomous-ai-agents/honcho
  blockchain/base, blockchain/solana
  communication/one-three-one-rule
  creative/blender-mcp, creative/concept-diagrams, creative/hyperframes,
  creative/kanban-video-orchestrator, creative/meme-generation
  devops/cli (inference-sh-cli), devops/docker-management
  dogfood/adversarial-ux-test
  email/agentmail
  finance/3-statement-model, finance/comps-analysis, finance/dcf-model,
  finance/excel-author, finance/lbo-model, finance/merger-model,
  finance/pptx-author
  health/fitness-nutrition, health/neuroskill-bci
  mcp/fastmcp, mcp/mcporter
  migration/openclaw-migration
  mlops/accelerate, mlops/chroma, mlops/clip, mlops/guidance,
  mlops/hermes-atropos-environments, mlops/huggingface-tokenizers,
  mlops/instructor, mlops/lambda-labs, mlops/llava, mlops/modal,
  mlops/peft, mlops/pinecone, mlops/pytorch-lightning, mlops/qdrant,
  mlops/saelens, mlops/simpo, mlops/stable-diffusion
  productivity/canvas, productivity/shop-app, productivity/shopify,
  productivity/siyuan, productivity/telephony
  research/domain-intel, research/drug-discovery, research/duckduckgo-search,
  research/gitnexus-explorer, research/parallel-cli, research/scrapling
  security/1password, security/oss-forensics, security/sherlock
  web-development/page-agent

5 skills gated from Windows (platforms: [linux, macos]):
  mlops/flash-attention   - Flash Attention wheels are Linux-first; Windows
                            install requires building from source with CUDA
  mlops/faiss             - faiss-gpu has no Windows wheel; gate rather than
                            leak partial (faiss-cpu) support
  mlops/nemo-curator      - NVIDIA NeMo ecosystem has no first-class Windows path
  mlops/slime             - Megatron+SGLang RL stack is Linux-only in practice
  mlops/whisper           - openai-whisper + ffmpeg setup on Windows is
                            non-trivial; gate until Windows install stanza lands

Methodology: scanned every SKILL.md for Windows-hostile signals
(apt-get, brew, systemd, osascript, ptrace, X11 binaries, POSIX-only
Python APIs, Docker POSIX $(pwd) bind-mounts, explicit 'linux-only' /
'macos-only' text). 3 skills flagged as having hard signals on review:
docker-management and qdrant only had POSIX $(pwd) docker examples and
the tools themselves (Docker Desktop, Qdrant) run fine on Windows —
declared ALL. whisper had an apt/brew ffmpeg install path and nothing
else but the openai-whisper Windows install story is rough enough to
warrant gating.

Strict-over-lenient policy: when in doubt, gate. Easier to un-gate after
verified Windows support lands than to leak partial support that
manifests as mid-task failures for Windows users.
2026-05-08 14:27:40 -07:00

4.4 KiB
Raw Blame History

name description platforms
domain-intel Passive domain reconnaissance using Python stdlib. Subdomain discovery, SSL certificate inspection, WHOIS lookups, DNS records, domain availability checks, and bulk multi-domain analysis. No API keys required.
linux
macos
windows

Domain Intelligence — Passive OSINT

Passive domain reconnaissance using only Python stdlib. Zero dependencies. Zero API keys. Works on Linux, macOS, and Windows.

Helper script

This skill includes scripts/domain_intel.py — a complete CLI tool for all domain intelligence operations.

# Subdomain discovery via Certificate Transparency logs
python3 SKILL_DIR/scripts/domain_intel.py subdomains example.com

# SSL certificate inspection (expiry, cipher, SANs, issuer)
python3 SKILL_DIR/scripts/domain_intel.py ssl example.com

# WHOIS lookup (registrar, dates, name servers — 100+ TLDs)
python3 SKILL_DIR/scripts/domain_intel.py whois example.com

# DNS records (A, AAAA, MX, NS, TXT, CNAME)
python3 SKILL_DIR/scripts/domain_intel.py dns example.com

# Domain availability check (passive: DNS + WHOIS + SSL signals)
python3 SKILL_DIR/scripts/domain_intel.py available coolstartup.io

# Bulk analysis — multiple domains, multiple checks in parallel
python3 SKILL_DIR/scripts/domain_intel.py bulk example.com github.com google.com
python3 SKILL_DIR/scripts/domain_intel.py bulk example.com github.com --checks ssl,dns

SKILL_DIR is the directory containing this SKILL.md file. All output is structured JSON.

Available commands

Command What it does Data source
subdomains Find subdomains from certificate logs crt.sh (HTTPS)
ssl Inspect TLS certificate details Direct TCP:443 to target
whois Registration info, registrar, dates WHOIS servers (TCP:43)
dns A, AAAA, MX, NS, TXT, CNAME records System DNS + Google DoH
available Check if domain is registered DNS + WHOIS + SSL signals
bulk Run multiple checks on multiple domains All of the above

When to use this vs built-in tools

  • Use this skill for infrastructure questions: subdomains, SSL certs, WHOIS, DNS records, availability
  • Use web_search for general research about what a domain/company does
  • Use web_extract to get the actual content of a webpage
  • Use terminal with curl -I for a simple "is this URL reachable" check
Task Better tool Why
"What does example.com do?" web_extract Gets page content, not DNS/WHOIS data
"Find info about a company" web_search General research, not domain-specific
"Is this website safe?" web_search Reputation checks need web context
"Check if a URL is reachable" terminal with curl -I Simple HTTP check
"Find subdomains of X" This skill Only passive source for this
"When does the SSL cert expire?" This skill Built-in tools can't inspect TLS
"Who registered this domain?" This skill WHOIS data not in web search
"Is coolstartup.io available?" This skill Passive availability via DNS+WHOIS+SSL

Platform compatibility

Pure Python stdlib (socket, ssl, urllib, json, concurrent.futures). Works identically on Linux, macOS, and Windows with no dependencies.

  • crt.sh queries use HTTPS (port 443) — works behind most firewalls
  • WHOIS queries use TCP port 43 — may be blocked on restrictive networks
  • DNS queries use Google DoH (HTTPS) for MX/NS/TXT — firewall-friendly
  • SSL checks connect to the target on port 443 — the only "active" operation

Data sources

All queries are passive — no port scanning, no vulnerability testing:

  • crt.sh — Certificate Transparency logs (subdomain discovery, HTTPS only)
  • WHOIS servers — Direct TCP to 100+ authoritative TLD registrars
  • Google DNS-over-HTTPS — MX, NS, TXT, CNAME resolution (firewall-friendly)
  • System DNS — A/AAAA record resolution
  • SSL check is the only "active" operation (TCP connection to target:443)

Notes

  • WHOIS queries use TCP port 43 — may be blocked on restrictive networks
  • Some WHOIS servers redact registrant info (GDPR) — mention this to the user
  • crt.sh can be slow for very popular domains (thousands of certs) — set reasonable expectations
  • The availability check is heuristic-based (3 passive signals) — not authoritative like a registrar API

Contributed by @FurkanL0