ClawHub

YunShi

v0.1.0

本地离线算命/运势技能:输出幸运方位、颜色、数字、物品、宜忌,并支持财运/桃花运等单项查询与次日运势定时推送。

0· 710·0 current·0 all-time
byEli Lin@elilin97
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (本地离线算命) align with the instructions: the SKILL reads local rule/template files, performs deterministic calculations, and can persist a user profile JSON. Required capabilities (reading/writing files in {baseDir}, deterministic rule application, per-item queries and single-item modes) are consistent with the stated purpose.
!
Instruction Scope
SKILL.md tightly constrains runtime behavior (must read {baseDir}/fortune_rules.md and user_chart_profile.md first, optionally user_chart_profile.json; must write user_chart_profile.json on initial setup). It also forbids use of system commands (find/ls/python3) which reduces stealthy scanning, but: (1) it mandates automatic sending for cron/‘nightly push’ scenarios using host-provided 'message sending tools' (delivery.channel + delivery.to) which will route the generated, potentially sensitive, user-specific text to external channels — this is effectively a network send despite the '禁止联网检索' rule and is not described in registry metadata (no declared env/credentials). (2) The strict template requirement increases risk of deterministic outputs containing personal data. The skill also assumes read/write tooling exists and will persist personal data without explicit credential declarations. These behaviors broaden the scope beyond pure local computation and should be validated with your host environment and privacy requirements.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is low-risk from an installation perspective: nothing is downloaded or written during install beyond runtime read/write of {baseDir}.
Credentials
The skill declares no required environment variables or external credentials, which is appropriate for a local/offline oracle. However, the nightly-push behavior expects the host to provide channel-specific sending tools (telegram/slack/feishu/discord/whatsapp). Those connectors typically require credentials on the host; the skill does not declare or request them, meaning it relies on ambient host connectors/permissions. Also: it will create and persist {baseDir}/user_chart_profile.json containing raw star-chart text and derived data — this can include sensitive personal data (birth time, location). The number of 'secrets' requested is zero, but persistence of personal data and reliance on host messaging connectors are privacy-relevant and should be considered proportionally risky.
Persistence & Privilege
The skill will persist a user profile JSON to {baseDir}/user_chart_profile.json when triggered (initial setup or explicit user request). always:false (no force-inclusion). Writing its own per-skill files is normal, but you should confirm workspaceAccess (rw) and the exact location of {baseDir}. The push behavior can cause the skill to send stored or generated data out-of-band if the host scheduling/delivery is configured — verify and control which channels are enabled.
What to consider before installing
This skill appears to implement exactly what it says (local deterministic fortune telling) and is instruction-only (no external install). Before installing, check the following: 1) Persistence: the skill may automatically create {baseDir}/user_chart_profile.json containing raw star-chart text and derived fields — avoid saving highly sensitive personal data if you don't want it persisted; choose a safe {baseDir} (private workspace) or disable persistence. 2) Push/send behavior: for scheduled '次日推送' the skill requires host-provided delivery connectors (telegram/slack/feishu/discord/whatsapp). Verify which connectors the host exposes and that you trust them — the skill will send the full generated text to the delivery target if set up. 3) Contradiction to note: SKILL.md says '禁止联网检索' but simultaneously requires using message-sending tools for direct pushes; confirm whether you need networked delivery and whether that fits your privacy policy. 4) Filesystem access: the skill strictly reads/writes only under {baseDir} but you should confirm that {baseDir} is not mapped to broader system or sensitive paths. 5) Operational: the strict template and deterministic rules can cause repeated, identical content to be sent automatically — test in a safe environment first. If you need stronger guarantees, ask the host to: (a) run the skill in a read-only workspace, (b) disable automatic persistence, or (c) disable scheduled push/delivery connectors until you review them. If you want, I can: list exact questions to ask your platform admin to verify connector tokens and workspace paths, or suggest a safe {baseDir} and a minimal checklist to sandbox this skill.

Like a lobster shell, security has layers — review code before you run it.

latestvk970xz990zawr13k2n0vmxmj5981fs6q

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔮 Clawdis

Comments