ClawHub

Bazi Fortune — 八字四柱命理

Security checks across malware telemetry and agentic risk

Overview

This is a local fortune-telling skill that saves birth-profile details for reuse, which is privacy-relevant but disclosed and aligned with its purpose.

Install only if you are comfortable with the skill saving birth date, birth time, sex, optional birthplace, and Bazi-derived profile data in a local MEMORY.md file and reusing it later. Review or delete that file if you do not want future readings to use stored information, and treat outputs as entertainment or self-reflection rather than professional medical, legal, or financial advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to persist and reuse highly sensitive personal data (birth date, birth time, sex, optional birthplace, plus derived profile data) in MEMORY.md beyond the immediate request. It also normalizes silent reuse of that data without a fresh consent or necessity check, creating a privacy and scope-expansion risk that exceeds a simple one-shot fortune analysis workflow.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The skill explicitly directs reading personal data from a sibling repository path (fortune-hub/MEMORY.md), which crosses the boundary of this skill's declared scope and enables unauthorized data sourcing from another module's storage. Cross-skill memory access increases the chance of collecting or reusing unrelated sensitive information without the user's awareness.

Description-Behavior Mismatch

Low
Confidence
88% confidence
Finding
The manifest describes the skill as relying on user-provided birth details, but the behavior silently checks memory files first and may use stored data without asking. This creates a transparency and consent problem because the user may not realize old personal data is being reused to drive the analysis.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill collects and stores sensitive birth/profile data in MEMORY.md without placing a clear privacy warning, consent prompt, or handling notice at the point of collection. Birth date, time, sex, and birthplace can be sensitive personal data, and persistent storage without explicit privacy controls increases misuse and exposure risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill directs persistent caching of derived fortune-analysis outputs such as pillars, five-element distribution, strength, and favorable/unfavorable elements without any retention limit or explicit consent. Even derived data can reveal intimate inferences about a user's identity and beliefs, so indefinite caching creates avoidable privacy and profiling risk.

Ssd 3

Medium
Confidence
96% confidence
Finding
The skill instructs persistent collection and reuse of sensitive personal data from shared memory files without re-confirmation, which is a classic excessive-data-retention and stale-consent problem. Because the data includes birth information used to infer personal traits and future predictions, silent reuse can surprise users and amplify harm if memory is shared or exposed.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill tells the agent to write detailed personal profile fields and derived analytical conclusions into MEMORY.md for later reuse. This creates a durable profile of sensitive identity attributes and inferred characteristics, increasing the consequences of unauthorized access, cross-context reuse, or future use beyond the user's original intent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal