Skill v1.0.2

ClawScan security

凡心八字在线排盘,导出AI指令 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Apr 13, 2026, 3:00 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code and documentation are internally consistent for computing 八字 by calling an external API, but it transmits personal data to an unknown HTTP endpoint (no TLS) and omits dependency declaration — this raises privacy and transport-security concerns.
Guidance
This skill appears to do what it says, but exercise caution before using it with real personal data. It POSTs name/gender/date-of-birth to http://api.bagezi.top (note: plain HTTP, not HTTPS), so unencrypted interception is possible and the recipient is an unknown third party. Before installing or running: (1) avoid sending sensitive/real PII unless you trust the service; (2) prefer an HTTPS endpoint — contact the author or verify api.bagezi.top supports TLS; (3) run the script in an isolated environment (virtualenv/container) and ensure the 'requests' package is installed from a trusted source; (4) inspect network traffic (e.g., with a proxy) if you need to confirm where data goes; (5) if privacy is a concern, seek a local/offline implementation or a reputable provider with a privacy policy. If you need higher assurance, request the maintainer provide HTTPS endpoints and a declared install spec or host the code on a verifiable repository.

Review Dimensions

Purpose & Capability
ok: Name, description, SKILL.md and paipan.py all align: the tool collects name/gender/birthday and POSTs them to api.bagezi.top to compute 八字. There are no unrelated credentials, binaries, or config paths requested.
Instruction Scope
concern: The runtime sends PII (name, gender, birthday) to an external endpoint (http://api.bagezi.top/api/paipan). The SKILL.md exposes that endpoint. The code uses plain HTTP (no HTTPS), meaning data is sent unencrypted in transit, a privacy/transport-security risk. The instructions do not access other system files or env vars, but they do direct personal data off-host.
Install Mechanism
note: No install spec is provided (instruction-only), so nothing is written to disk by an installer. However, paipan.py depends on the Python 'requests' package but the skill does not declare or install this dependency, which may cause runtime failures; there are no high-risk downloads or archive extractions.
Credentials
ok: The skill requests no environment variables, credentials, or config paths, which is proportionate. The primary risk is that it transmits user-supplied personal data to a third-party service without requiring explicit auth from the user.
Persistence & Privilege
ok: The skill is not forced-always nor trying to persist or modify other skill/system configs. It is user-invocable and can be invoked autonomously (platform default), which is expected and not by itself a red flag.