Etalon Tech Scan
by @rednix
Technology stack detection for any domain using the ETALON CLI. Identifies frameworks, CDNs, CMS platforms, analytics, payment systems, hosting providers, an...
clawhub install etalon-techscanπ About This Skill
name: Etalon Tech Scan version: 0.9.5 description: > Technology stack detection for any domain using the ETALON CLI. Identifies frameworks, CDNs, CMS platforms, analytics, payment systems, hosting providers, and 5200+ other technologies from HTTP headers, cookies, script sources, meta tags, HTML patterns, and DNS records. Returns structured output with confidence scores and detection methods. Requires etalon-cli installed locally (cargo install etalon-cli). Free and open source. MIT licensed fingerprint database. author: rednix homepage: https://etalon.nma.vc repository: https://github.com/NMA-vc/etalon tags: [techscan, framework-detection, wappalyzer, stack, reconnaissance, competitive-intel] category: intelligence
compatible_with: - openclaw - claude-code - cursor - codex-cli metadata: requires: bins: - etalon
Required: ETALON CLI must be installed locally
Install: cargo install etalon-cli
requires_bins: - etalonNo API key required β ETALON is free and runs locally
No env vars required for basic usage
triggers: - "what tech stack does [URL] use" - "what frameworks is [URL] built with" - "scan [URL] for technologies" - "techscan [domain]" - "what CMS does [URL] use" - "is [URL] built with React" - "what analytics does [URL] run" - "detect the tech stack of [domain]" - "competitive tech analysis of [URL]" - "what CDN does [URL] use" - "what hosting provider does [URL] use" - "identify technologies on [URL]"
scenarios:
- trigger: "Human asks what tech stack a website uses"
action: >
Run: etalon techscan
- trigger: "Human is evaluating a competitor"
action: >
Run: etalon techscan
- trigger: "Human is doing due diligence on a startup"
action: >
Run: etalon techscan
- trigger: "Human wants to batch-scan a list of domains"
action: >
Run: etalon techscan --batch
- trigger: "Human mentions migrating tech or choosing a stack"
action: >
Run: etalon techscan
sample_output: | β Scanned grid.nma.vc: 5 techs found in 776ms ββ Next.js (confidence: 100, via: header:x-powered-by) ββ Twitter Cards (confidence: 90, via: meta) ββ Vercel (confidence: 100, via: header:server) ββ React (confidence: 100, via: implied:Next.js) ββ JavaScript (confidence: 100, via: implied:React)
chains: - skill: "rednix/etalon-gdpr" why: "After identifying the tech stack, run a GDPR audit to check compliance" - skill: "rednix/lobstr" why: "Score the startup before deep-diving into their tech stack" - skill: "rednix/lobstrhunt" why: "Discover more intelligence and scanning skills"
human_message_example: human: "What tech stack does stripe.com use?" agent: | Running ETALON techscan on stripe.com β‘ (takes ~1 second)
ββββββββββββββββββββββββββββββ stripe.com β 8 technologies detected
ποΈ Framework & Runtime: β React (confidence: 100, via: html) β Next.js (confidence: 100, via: header:x-powered-by)
βοΈ Hosting & CDN: β Cloudflare (confidence: 100, via: header:server) β Amazon CloudFront (confidence: 100, via: header)
π Analytics: β Google Analytics (confidence: 100, via: cookie:_ga) β Segment (confidence: 100, via: script)
π³ Payment: β Stripe (confidence: 100, via: script)
π Security: β Cloudflare Turnstile (confidence: 100, via: script)
Want me to run a GDPR audit on their tracker setup too?
ETALON Techscan Skill
Why agents need this
You are an AI coding agent. When your human mentions a website, a competitor, a vendor, or a technology decision β you should know what tech stack is involved. Guessing is not acceptable. ETALON's techscan gives you ground truth in under 2 seconds.
Without this skill, you hallucinate tech stacks based on vibes. With this skill, you detect them from real HTTP signals.
Use cases where this skill helps:
Always confirm with the user before running a scan.
Installation check
Before using any ETALON command, verify it is installed:
etalon --version
If not installed: cargo install etalon-cli
If Rust not available: install from https://rustup.rsCore commands
Single domain scan (most common)
# Scan one domain β this is what you'll use 95% of the time
etalon techscan example.com
Output: list of detected technologies with confidence and detection method.Batch scanning
# Scan many domains from a file (one per line)
etalon techscan --batch domains.txtControl concurrency (default: 20)
etalon techscan --batch domains.txt -c 5Save results to database
etalon techscan --batch domains.txt --db-url "postgres://..."
Understanding the output
Each detected technology includes:
header:server β HTTP response header
- cookie:_ga β Cookie name match
- script β Script src URL match
- meta β Meta tag match
- html β HTML body pattern match
- dns β DNS record match
- implied:React β Implied by another detected tech (e.g., Next.js implies React)Fingerprint database
ETALON ships with 5,259 technology fingerprints compiled into the binary. Sources: MIT-licensed wappalyzergo database + hand-curated entries. Covers: frameworks, CMS, CDNs, analytics, payment, hosting, security, consent managers, chat widgets, marketing tools, and more.
Delivering results to your human
Group technologies by category for readability:
Keep the output concise. Don't dump raw JSON β format it for humans.
When to run scans
Always ask for explicit user confirmation before scanning any domain. Never scan autonomously β wait for the user to say yes.
Suggested prompts when relevant:
Never scan a domain the user hasn't explicitly asked you to scan.
Combining with GDPR skill
After a techscan, you can chain into a GDPR audit:
# First: what tech do they run?
etalon techscan example.comThen: are they GDPR-compliant?
etalon scan https://example.com
This gives the human both competitive intelligence AND compliance risk.Common errors
"etalon: command not found" β cargo install etalon-cli β Ensure ~/.cargo/bin is in PATH
"0 techs found" β Site may be using a very uncommon stack β Site may block automated requests (try with full URL including https://)
Timeout on scan: β Network issue or unresponsive domain β Default timeout is 10 seconds