Hs Ti
by @maxjia
Hillstone Threat Intelligence Skill. Query IP addresses, domains, URLs, and file hashes in Hillstone threat intelligence database.
clawhub install hs-tiπ About This Skill
name: hs-ti version: "2.2.5" publisher: maxjia description: Hillstone Threat Intelligence Skill. Query IP addresses, domains, URLs, and file hashes in Hillstone threat intelligence database. metadata: {"openclaw":{"emoji":"π","commands":["/threat-check","/hs-ti","/threat"],"aliases":["hs-ti","threat-intel","hillstone-ti"],"title":"Hillstone Threat Intelligence"}}
Hillstone Threat Intelligence Skill
Features: Query IP addresses, domains, URLs, and file hashes in the Hillstone threat intelligence database.
New Features (v2.2.4)
Configuration
You need to create a config.json file and configure a valid API Key:
1. Copy config.example.json to config.json
2. Fill in your API Key in config.json:
{
"api_key": "your-api-key-here",
"api_url": "https://ti.hillstonenet.com.cn",
"timeout": 30,
"max_retries": 3,
"retry_delay": 1,
"cache_enabled": true,
"cache_ttl": 3600
}
Configuration Parameters:
api_key: Hillstone Threat Intelligence API Key (required)api_url: API URL (optional, default: https://ti.hillstonenet.com.cn)timeout: Request timeout in seconds (optional, default: 30)max_retries: Maximum retry attempts (optional, default: 3)retry_delay: Retry delay in seconds (optional, default: 1)cache_enabled: Enable cache (optional, default: true)cache_ttl: Cache time-to-live in seconds (optional, default: 3600)Usage Examples
/threat-check 45.74.17.165
/threat-check deli.ydns.eu
/threat-check 45.74.17.165,deli.ydns.eu,www.blazingelectricz.com
/threat-check -a 45.74.17.165
/threat-check -a deli.ydns.eu
Advanced API
Use -a parameter to call the advanced API and get more detailed threat intelligence:
/threat-check -a 45.74.17.165
Advanced API provides:
Supported IOC Types
/api/ip/reputation/api/domain/reputation/api/url/reputation/api/file/reputationResponse Time Statistics
Each query displays detailed performance statistics:
Dependencies
API Endpoints
Reputation API
/api/ip/reputation?key={ip}/api/domain/reputation?key={domain}/api/url/reputation?key={url}/api/file/reputation?key={hash}Advanced Detail API
/api/ip/detail?key={ip}/api/domain/detail?key={domain}/api/url/detail?key={url}/api/file/detail?key={hash}Troubleshooting
https://ti.hillstonenet.com.cn~/.openclaw/logs/hs_ti.logSecurity Best Practices
API Key Management
Recommended Approach:
export HILLSTONE_API_KEY="your-api-key-here"
# In bash
export HISTCONTROL=ignorespace
export HILLSTONE_API_KEY="your-api-key-here"
# In PowerShell
$env:HILLSTONE_API_KEY="your-api-key-here"
Configuration File Approach:
chmod 600 config.json
- Configuration file is not committed to version control
- Configuration file is added to .gitignoreFile Permissions
Configuration File:
# Set configuration file permissions
chmod 600 ~/.openclaw/skills/hs-ti/config.jsonEnsure directory permissions are correct
chmod 700 ~/.openclaw/skills/hs-ti/
Log File:
# Set log file permissions
chmod 600 ~/.openclaw/logs/hs_ti.logEnsure log directory permissions are correct
chmod 700 ~/.openclaw/logs/
Version History
[2.2.4] - 2026-04-02
[2.2.3] - 2026-04-01
[2.2.2] - 2026-03-31
License
MIT License
Support
βοΈ Configuration
You need to create a config.json file and configure a valid API Key:
1. Copy config.example.json to config.json
2. Fill in your API Key in config.json:
{
"api_key": "your-api-key-here",
"api_url": "https://ti.hillstonenet.com.cn",
"timeout": 30,
"max_retries": 3,
"retry_delay": 1,
"cache_enabled": true,
"cache_ttl": 3600
}
Configuration Parameters:
api_key: Hillstone Threat Intelligence API Key (required)api_url: API URL (optional, default: https://ti.hillstonenet.com.cn)timeout: Request timeout in seconds (optional, default: 30)max_retries: Maximum retry attempts (optional, default: 3)retry_delay: Retry delay in seconds (optional, default: 1)cache_enabled: Enable cache (optional, default: true)cache_ttl: Cache time-to-live in seconds (optional, default: 3600)π Tips & Best Practices
https://ti.hillstonenet.com.cn~/.openclaw/logs/hs_ti.log