Meihua Yijing
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears benign: it runs a local Python script for divination calculations and does not request credentials, network access, persistence, or broad system permissions.
This looks safe from the provided artifacts. The main thing to know is that it runs an included Python script locally and the source is listed as unknown; it does not appear to need credentials, network access, or persistent permissions. Treat the divination output as informational only.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill will run a local Python file, but the artifacts show this is for the advertised divination calculation rather than unrelated system activity.
The skill instructs the agent to execute the included local Python script to compute the divination result. This is expected and proportionate to the stated purpose.
python3 "{baseDir}/meihua.py" timeInstall only if you are comfortable running the included script; no credentials or elevated permissions appear necessary.
You may have less ability to verify the author’s original repository or maintenance history.
The registry information does not provide an external source or homepage, so users have less provenance information for the skill.
Source: unknown; Homepage: none
Prefer trusted publishers when possible, and review included code before installing skills from unknown sources.