OpenSkillIndex← back to search
claude-code

Personal_AI_Infrastructure OSINT

Open source intelligence gathering. USE WHEN OSINT, due diligence, background check, research person, company intel, investigate. SkillSearch('osint') for docs.

install
source · Clone the upstream repo
git clone https://github.com/danielmiessler/Personal_AI_Infrastructure
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/danielmiessler/Personal_AI_Infrastructure "$T" && mkdir -p ~/.claude/skills && cp -r "$T/Releases/v2.5/.claude/skills/OSINT" ~/.claude/skills/danielmiessler-personal-ai-infrastructure-osint-ce3efa && rm -rf "$T"
manifest: Releases/v2.5/.claude/skills/OSINT/SKILL.md
source content

Customization

Before executing, check for user customizations at: 

~/.claude/skills/PAI/USER/SKILLCUSTOMIZATIONS/OSINT/

If this directory exists, load and apply any PREFERENCES.md, configurations, or resources found there. These override default behavior. If the directory does not exist, proceed with skill defaults.

🚨 MANDATORY: Voice Notification (REQUIRED BEFORE ANY ACTION)

You MUST send this notification BEFORE doing anything else when this skill is invoked.

  1. Send voice notification:

    curl -s -X POST http://localhost:8888/notify \
  -H "Content-Type: application/json" \
  -d '{"message": "Running the WORKFLOWNAME workflow in the OSINT skill to ACTION"}' \
  > /dev/null 2>&1 &

  2. Output text notification:

    Running the **WorkflowName** workflow in the **OSINT** skill to ACTION...

This is not optional. Execute this curl command immediately upon skill invocation.

OSINT Skill

Open Source Intelligence gathering for authorized investigations.

Workflow Routing

Investigation TypeWorkflowContext
People lookup
Workflows/PeopleLookup.md
PeopleTools.md
Company lookup
Workflows/CompanyLookup.md
CompanyTools.md
Investment due diligence
Workflows/CompanyDueDiligence.md
CompanyTools.md
Entity/threat intel
Workflows/EntityLookup.md
EntityTools.md

Trigger Patterns

People OSINT:

  • "do OSINT on [person]", "research [person]", "background check on [person]"
  • "who is [person]", "find info about [person]", "investigate this person" -> Route to 
    Workflows/PeopleLookup.md

Company OSINT:

  • "do OSINT on [company]", "research [company]", "company intelligence"
  • "what can you find about [company]", "investigate [company]" -> Route to 
    Workflows/CompanyLookup.md

Investment Due Diligence:

  • "due diligence on [company]", "vet [company]", "is [company] legitimate"
  • "assess [company]", "should we work with [company]" -> Route to 
    Workflows/CompanyDueDiligence.md

Entity/Threat Intel:

  • "investigate [domain]", "threat intelligence on [entity]", "is this domain malicious"
  • "research this threat actor", "check [domain]", "analyze [entity]" -> Route to 
    Workflows/EntityLookup.md

Authorization (REQUIRED)

Before ANY investigation, verify:

  • Explicit authorization from client
  • Clear scope definition
  • Legal compliance confirmed
  • Documentation in place

STOP if any checkbox is unchecked. See 

EthicalFramework.md
for details.

Resource Index

FilePurpose
EthicalFramework.md
Authorization, legal, ethical boundaries
Methodology.md
Collection methods, verification, reporting
PeopleTools.md
People search, social media, public records
CompanyTools.md
Business databases, DNS, tech profiling
EntityTools.md
Threat intel, scanning, malware analysis, attack targeting patterns

Integration

Automatic skill invocations:

  • Research Skill - Parallel researcher agent deployment (REQUIRED)
  • Recon Skill - Technical infrastructure reconnaissance

Agent fleet patterns:

  • Quick lookup: 4-6 agents
  • Standard investigation: 8-16 agents
  • Comprehensive due diligence: 24-32 agents

Researcher types:

ResearcherBest For
PerplexityResearcherCurrent web data, social media, company updates
ClaudeResearcherAcademic depth, professional backgrounds
GeminiResearcherMulti-perspective, cross-domain connections
GrokResearcherContrarian analysis, fact-checking

File Organization

Active investigations:

~/.claude/MEMORY/WORK/$(jq -r '.work_dir' ~/.claude/MEMORY/STATE/current-work.json)/scratch/YYYY-MM-DD-HHMMSS_osint-[target]/

Archived reports:

~/.claude/History/research/YYYY-MM/[target]-osint/

Ethical Guardrails

ALLOWED: Public sources only - websites, social media, public records, search engines, archived content

PROHIBITED: Private data, unauthorized access, social engineering, purchasing breached data, ToS violations

See 

EthicalFramework.md
for complete requirements.

Version: 2.0 (Canonical Structure) Last Updated: December 2024