I Built an OSINT Agent Skill to Expose Your Digital Tattoo

Because “delete” is not a spell. It’s a suggestion.

Your digital tattoo is the network of copies, caches, and identifiers that keep existing long after you hit “delete.”

You don’t get burned online because you’re reckless.

You get burned because the internet duplicates you.

Quietly. Automatically. Forever-ish.

The Problem Nobody Talks About

Most people hear “digital footprint” and think posts.

That’s the kid version of the problem.

Your real digital tattoo is what happens after you post: caches, previews, backups, search indexing, repost accounts, screenshots, link unfurls, and random “helpful” systems that store copies because that’s literally their job.

So you end up doing OPSEC like you’re trying to mop up a flooded bathroom with a single napkin.

And it never feels done.

The Revelation

Instead of guessing what’s out there… you run OSINT on yourself.

Not the cringe “spy” fantasy.

The boring, unfairly effective kind: connecting dots that are already public.

That’s why I built the OSINT Investigator: a drop-in agent skill that runs a real investigation loop—collect, correlate, verify, analyze, report—using only web search and fetch tools.

And it’s designed to be usable by normal humans, not just terminal goblins. (“Your 65-year-old dad can use it” is literally a design goal.)

OSINT Investigator is designed to be usable at any skill level: hit the Easy Button to run a full automated investigation, use the Guided Wizard for step-by-step help, or switch to Power Mode for granular commands like recon, pivoting, and risk assessment.

How It Actually Works

You get three modes:

✅ Easy button — /full example.com runs the whole sweep automatically
✅ Guided mode — /wizard person walks you through it step-by-step
✅ Power mode — /recon → /pivot → /risk-assessment → /visualize when you want control

Under the hood, it’s built around things most OSINT “tutorials” don’t give you:

Under the hood of OSINT Investigator: built-in evidence chains, contradiction detection, automated risk scoring, historical analysis, and visualization tools that turn scattered public data into a structured investigation.

• Evidence chains (how you know what you know) (GitHub)

• Contradiction detection (flags conflicting info instead of letting you hallucinate confidently) (GitHub)

• Risk scoring (so you know what to fix first) (GitHub)

• Historical analysis (Archive-style “what did this page look like before?”) (GitHub)

• Plain-language reports (/simple-report is explicitly “8th grade level”) (GitHub)

So “digital tattoo” stops being a spooky warning and becomes a repeatable audit.

Use It With Claude Code or OpenAI Codex

Here’s the move I recommend:

Pair this OSINT skill with a terminal agent like Claude Code or Codex CLI.

Pairing OSINT Investigator with a terminal agent like Claude Code or Codex CLI lets the investigation run while the agent handles the glue work—running commands, organizing outputs, and turning findings into actionable reports.

Why?

Because they live in your terminal, can operate on your local files, and handle the glue work — installing, organizing, running workflows, and iterating on reports, without you watching every step.

Claude Code is explicitly built to understand your codebase and execute routine tasks from the terminal. Codex CLI is also a local terminal coding agent that can read, change, and run code in your selected directory.

Meanwhile the OSINT skill itself claims “universal compatibility” across Claude/ChatGPT/AI CLIs.

So you get a nasty combo:

• OSINT Investigator finds the exposure graph.

• Claude Code / Codex automates the ops work around it (saving outputs, exporting formats, iterating checklists, turning findings into tasks, wiring it into your workflow).

Honestly, it’s kind of unfair how much faster that makes the whole process.

What You Can Do With This

• Digital tattoo self-audit — Run /full on your handle/domain, then prioritize fixes using the built-in risk scoring.

Example entity map generated during an OSINT investigation, linking a domain, publication, and handle to show how public identifiers connect across the web.

• “Where did this leak from?” mapping — Use /pivot to follow the thread from one identifier (username/email/phone/domain) to related public artifacts.

• Make the findings shareable — Generate a /simple-report for non-technical people (or leadership), and use /sanitize so you don’t leak sensitive details while trying to prevent leaks.

---

Quick self-audit starter pack:

1. Run /full on your main handle or domain

2. Look for cached previews and archived pages

3. Follow pivots on usernames and emails

4. Prioritize fixes using the built-in risk scoring

The Real Power Pattern Everyone Misses

Your digital tattoo isn’t one big “oops.”

It’s a thousand tiny copies connected by identity and timing.

That’s why the investigation cycle matters: verify, correlate, and score, not just “search your name and vibe.”

Also: ethics.

This skill is explicitly scoped to public info only—no harassment, no stalking, no doxing, no illegal nonsense.

The Bottom Line

“Delete” is not a strategy.

Visibility management is.

Run OSINT on yourself before someone else does it for you—and bring a terminal agent (Claude Code or Codex) so you’re not doing the tedious parts by hand.

---

Comments

[Sergio]

This is great. Just tested it out, minor issues with the install instructions, the wget path for example.

Also, would be good to have wrapper commands in the command dir so they show up as global commands. I forked your repo and will probably add that.

Really impressive. I now have some accounts I now need to go redact, hahah.

[The Uncomfortable Idea]

This post raises an intriguing perspective on the permanence of our digital footprints. It reminds me of my exploration on the relationship between agency and intelligence in a piece where I discuss the importance of self-awareness in decision-making; you can check it out here: https://theuncomfortableidea.substack.com/p/intelligence-might-be-the-ability.