Celestchart Astrology Skills

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed astrology API skill that sends configured birth details and an API key to CelestChart, with no hidden persistence or unrelated behavior found.

Install only if you are comfortable sending your birth date, birth time, approximate birthplace coordinates, timezone, and CelestChart API key to xp.broad-intelli.com. Use a dedicated API key and revoke it if exposed; be aware that casual horoscope prompts may trigger the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 90%
Finding
The example trigger phrases are very broad, everyday requests like '今日运势' and '今天运势怎么样', which can be spoken naturally in normal chat and may cause the skill to activate unintentionally. In this skill, unintended invocation is more concerning because activation can send sensitive birth data and an API-backed request to an external service, even if the destination is fixed.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill requires and transmits highly sensitive birth details (date, time, latitude, longitude, timezone) plus an API key to a third-party astrology service, yet the skill text provides no explicit privacy notice, retention statement, or data-sharing warning. This is dangerous because users may unknowingly disclose quasi-identifying personal data and secrets to an external endpoint, increasing the risk of privacy harm, profiling, account misuse, or unauthorized downstream storage.

Missing User Warnings

Medium
Confidence: 91%
Finding
The script transmits sensitive personal birth data and, for the daily endpoint, an API credential to a third-party remote service. Although this is the intended function of the skill, the privacy/security risk is real because users may not receive a clear, explicit warning that personally sensitive data is being sent off-host to an external domain.

External Transmission

Medium
Category: Data Exfiltration
Content
# ── Call the API ──────────────────────────────────────────
if [ "$ACTION" = "birthchart" ]; then
  RESPONSE=$(curl -s -w "\n%{http_code}" -X POST \
    "${BASE_URL}/api/v1/birth-chart" \
    -H "Content-Type: application/json" \
    -d "{
Confidence: 94%
Finding
curl -s -w "\n%{http_code}" -X POST \
  "${BASE_URL}/api/v1/birth-chart" \
  -H "Content-Type: application/json" \
  -d "{
    \"year\": ${BIRTH_YEAR},
    \"month\": ${BIRTH_MONTH}, \

VirusTotal

64/64 vendors flagged this skill as clean.
