danielmiessler

osint

@danielmiessler/osint
danielmiessler
5,085
813 forks
Updated 1/18/2026
View on GitHub

OSINT: Open source intelligence gathering. USE WHEN OSINT, due diligence, background check, research person, company intel, investigate. SkillSearch('osint') for docs.

Installation

$skills install @danielmiessler/osint
Claude Code
Cursor
Copilot
Codex
Antigravity

Details

Repositorydanielmiessler/Personal_AI_Infrastructure
PathReleases/v2.3/.claude/skills/OSINT/SKILL.md
Branchmain
Scoped Name@danielmiessler/osint

Usage

After installing, this skill will be available to your AI coding assistant.

Verify installation:

skills list

Skill Instructions

name: OSINT description: Open source intelligence gathering. USE WHEN OSINT, due diligence, background check, research person, company intel, investigate. SkillSearch('osint') for docs.

Customization

Before executing, check for user customizations at: ~/.claude/skills/CORE/USER/SKILLCUSTOMIZATIONS/OSINT/

If this directory exists, load and apply any PREFERENCES.md, configurations, or resources found there. These override default behavior. If the directory does not exist, proceed with skill defaults.

OSINT Skill

Open Source Intelligence gathering for authorized investigations.

Voice Notification

When executing a workflow, do BOTH:

  1. Send voice notification:

    curl -s -X POST http://localhost:8888/notify \
  -H "Content-Type: application/json" \
  -d '{"message": "Running the WORKFLOWNAME workflow from the OSINT skill"}' \
  > /dev/null 2>&1 &

  2. Output text notification:

    Running the **WorkflowName** workflow from the **OSINT** skill...

Full documentation: ~/.claude/skills/CORE/SkillNotifications.md

Workflow Routing

Investigation TypeWorkflowContext
People lookupWorkflows/PeopleLookup.mdPeopleTools.md
Company lookupWorkflows/CompanyLookup.mdCompanyTools.md
Investment due diligenceWorkflows/CompanyDueDiligence.mdCompanyTools.md
Entity/threat intelWorkflows/EntityLookup.mdEntityTools.md

Trigger Patterns

People OSINT:

  • "do OSINT on [person]", "research [person]", "background check on [person]"
  • "who is [person]", "find info about [person]", "investigate this person" -> Route to Workflows/PeopleLookup.md

Company OSINT:

  • "do OSINT on [company]", "research [company]", "company intelligence"
  • "what can you find about [company]", "investigate [company]" -> Route to Workflows/CompanyLookup.md

Investment Due Diligence:

  • "due diligence on [company]", "vet [company]", "is [company] legitimate"
  • "assess [company]", "should we work with [company]" -> Route to Workflows/CompanyDueDiligence.md

Entity/Threat Intel:

  • "investigate [domain]", "threat intelligence on [entity]", "is this domain malicious"
  • "research this threat actor", "check [domain]", "analyze [entity]" -> Route to Workflows/EntityLookup.md

Authorization (REQUIRED)

Before ANY investigation, verify:

  • Explicit authorization from client
  • Clear scope definition
  • Legal compliance confirmed
  • Documentation in place

STOP if any checkbox is unchecked. See EthicalFramework.md for details.

Resource Index

FilePurpose
EthicalFramework.mdAuthorization, legal, ethical boundaries
Methodology.mdCollection methods, verification, reporting
PeopleTools.mdPeople search, social media, public records
CompanyTools.mdBusiness databases, DNS, tech profiling
EntityTools.mdThreat intel, scanning, malware analysis

Integration

Automatic skill invocations:

  • Research Skill - Parallel researcher agent deployment (REQUIRED)
  • Recon Skill - Technical infrastructure reconnaissance

Agent fleet patterns:

  • Quick lookup: 4-6 agents
  • Standard investigation: 8-16 agents
  • Comprehensive due diligence: 24-32 agents

Researcher types:

ResearcherBest For
PerplexityResearcherCurrent web data, social media, company updates
ClaudeResearcherAcademic depth, professional backgrounds
GeminiResearcherMulti-perspective, cross-domain connections
GrokResearcherContrarian analysis, fact-checking

File Organization

Active investigations:

~/.claude/MEMORY/WORK/$(jq -r '.work_dir' ~/.claude/MEMORY/STATE/current-work.json)/scratch/YYYY-MM-DD-HHMMSS_osint-[target]/

Archived reports:

~/.claude/History/research/YYYY-MM/[target]-osint/

Ethical Guardrails

ALLOWED: Public sources only - websites, social media, public records, search engines, archived content

PROHIBITED: Private data, unauthorized access, social engineering, purchasing breached data, ToS violations

See EthicalFramework.md for complete requirements.

Version: 2.0 (Canonical Structure) Last Updated: December 2024

More by danielmiessler

View all
core
5,085

CORE: Personal AI Infrastructure core. AUTO-LOADS at session start. The authoritative reference for how the PAI system works, how to use it, and all system-level configuration. USE WHEN any session begins, user asks about the system, identity, configuration, workflows, security, or any other question about how the PAI system operates.

agents
5,085

Agents: Dynamic agent composition and management system. USE WHEN user says create custom agents, spin up custom agents, specialized agents, OR asks for agent personalities, available traits, agent voices. Handles custom agent creation, personality assignment, voice mapping, and parallel agent orchestration.

thealgorithm
5,085

THEALGORITHM: Universal execution engine using scientific method to achieve ideal state. USE WHEN complex tasks, multi-step work, "run the algorithm", "use the algorithm", OR any non-trivial request that benefits from structured execution with ISC (Ideal State Criteria) tracking.

prompting
5,085

Prompting: Meta-prompting system for dynamic prompt generation using templates, standards, and patterns. USE WHEN meta-prompting, template generation, prompt optimization, or programmatic prompt composition.