Tarot Content
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: tarot-content Version: 0.1.0 The OpenClaw skill bundle 'tarot-content' is classified as benign. All files (SKILL.md, scripts/ephemeris_helper.py, references/tarot-cards.md) align with the stated purpose of generating tarot and astrology content. SKILL.md provides clear, ethical instructions for the AI agent, including warnings against sensitive content, and code snippets for astrological calculations (pyswisseph) and image generation (Pillow). The `ephemeris_helper.py` script is a clean utility for planetary data, and `tarot-cards.md` is a harmless reference. No evidence of data exfiltration, malicious execution, persistence mechanisms, prompt injection attempts with harmful intent, or obfuscation was found. A minor portability issue with a hardcoded font path in SKILL.md is a vulnerability, not an indicator of malice.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the optional dependency adds third-party code to the local environment.
The skill recommends installing an external Python package while the registry install spec lists no install steps. The package is directly related to ephemeris calculations, so this is a disclosure/provenance note rather than a security concern.
pip install pyswisseph
Install the dependency only from a trusted package source and preferably in an isolated Python environment.