Deen Time
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: deen-time Version: 1.0.1 The skill is designed to fetch Islamic prayer times from the public Aladhan API using `curl`. All network requests are directed to `api.aladhan.com` over HTTPS, as explicitly stated in `SKILL.md` and `README.md`. The skill requests `network` permissions, which is consistent with its functionality. There is no evidence of data exfiltration, unauthorized execution, persistence mechanisms, or prompt injection attempts against the agent. The instructions in `SKILL.md` are clear, align with the stated purpose, and even advise URL encoding for user inputs, indicating good practice rather than malicious intent. The skill's behavior is entirely aligned with its description.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A third-party prayer-time service receives the location or coordinates used for the lookup.
The skill sends user-requested location parameters to an external API. This is purpose-aligned and disclosed, but city names or exact coordinates can still reveal location context.
curl -L "https://api.aladhan.com/v1/timingsByCity?city={CITY}&country={COUNTRY}&method={METHOD}"Use city-level locations when possible, and avoid exact coordinates if revealing precise location would be sensitive.