MBTI Personality Test - MBTI性格测试
Security checks across malware telemetry and agentic risk
Overview
This MBTI skill appears to do what it promises, but it uses your JisuAPI key and sends your answers to JisuAPI to calculate the result.
This looks safe for its stated purpose if you are comfortable using JisuAPI. Before installing, make sure you are willing to provide a JISU_API_KEY and send MBTI answer data to api.jisuapi.com for scoring.
VirusTotal
62/62 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may consume the user's JisuAPI quota or operate under their JisuAPI account.
The skill reads a JisuAPI credential from the environment and sends it as the provider API key. This is disclosed and expected for the stated API integration, but it uses the user's API account and quota.
appkey = os.getenv("JISU_API_KEY") ... query = {"appkey": appkey}Use a dedicated or limited-scope JisuAPI key if available, monitor usage, and revoke the key if you stop using the skill.
The external provider receives the MBTI answer data needed to generate the personality result.
The completed MBTI answer string is sent to the external JisuAPI service to compute the result. This is purpose-aligned and disclosed, but the user's personality-test responses leave the local session.
ANSWER_URL = "https://api.jisuapi.com/character/answer" ... return _call_api(ANSWER_URL, appkey, {"version": version, "answer": answer})Install only if you are comfortable sending MBTI responses to JisuAPI, and avoid adding unrelated sensitive personal information to the answers.