Bytesagain Fortune Teller
Advisory. Audited by VirusTotal on Apr 4, 2026.
Overview
Type: OpenClaw Skill
Name: bytesagain-fortune-teller
Version: 1.0.0
The skill contains multiple shell injection vulnerabilities in 'scripts/fortune.sh' and 'scripts/script.sh' due to unquoted variable expansion (e.g., '$INPUT' and '$*'). These flaws could allow arbitrary command execution if the agent passes unsanitized input to commands like 'bazi', 'add', or 'search'. While the code appears to be a legitimate fortune-telling utility and lacks evidence of intentional malice or data exfiltration, the high-risk nature of these vulnerabilities warrants a suspicious classification.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent or user may expect tarot/I Ching features that are not actually provided by the reviewed scripts.
The skill advertises several fortune features, but the included fortune script only implements bazi, daily, and zodiac commands, while the other script is a generic utility. This is a capability-coherence issue, not evidence of malicious behavior.
description: "Draw tarot cards, cast I Ching hexagrams..." ... "tarot", "iching", "daily", "compatibility", "numerology", "palmistry"
Treat this as an entertainment tool and verify the available commands before relying on a specific feature.
If wired into a CLI, the skill will depend on local shell/Python execution that is not clearly declared in the registry metadata.
The artifacts include local Bash/Python helper code even though the registry lists no required binaries and no install spec. This is under-declared runtime plumbing, but the code is provided and does not show hidden downloads or remote execution.
#!/usr/bin/env bash ... python3 -c
Install only from the reviewed source, ensure the CLI maps to the reviewed scripts, and declare bash/python3 requirements in metadata if this is packaged.
User-entered text passed to the generic add/run/config-style commands may be stored locally until deleted.
The generic helper creates a persistent local data directory and records command history or added entries. This is scoped to local files and partly disclosed by SKILL.md, but users should know inputs can be retained.
DATA_DIR="${FORTUNE_TELLER_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/fortune-teller}" ... DB="$DATA_DIR/data.log" ... >> "$DATA_DIR/history.log"
Avoid entering sensitive personal data, set FORTUNE_TELLER_DIR to a location you control if needed, and delete the local fortune-teller data directory to clear history.
