Lottery Predictor V3 8
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users could treat the predictions as financially meaningful and spend money on lottery tickets or subscriptions based on overstated accuracy claims.
The artifact promotes a very high lottery prediction accuracy alongside paid access. For a gambling-related skill, that claim can cause users to over-trust predictions or pay/spend money based on a metric that is not clearly established as reliable future performance.
"description": "基于机器学习的双色球预测工具,随机森林+Gradient Boosting+ 规则集成,15 维特征工程,红球准确率 80.8%", ... "pricing": { "type": "freemium", "freeCalls": 3, "paidPrice": 29, "paidCurrency": "CNY" }Treat the skill strictly as entertainment. The publisher should clearly distinguish training/backtest metrics from future win probability and avoid marketing accuracy claims without transparent, reproducible validation.
The skill may read a specific local database if present, even if the user expected the environment variable to choose the data source.
The prediction script reads a fixed local SQLite database path instead of visibly using the declared LOTTERY_DB_PATH setting. This is purpose-aligned local data access, but the scoping is less user-controlled than the metadata suggests.
DB_PATH = os.path.expanduser('~/.openclaw/workspace/projects/caipiao/data/caipiao.db')Verify the database path before running, and prefer updating the script to read LOTTERY_DB_PATH explicitly.
Running a backtest can create or overwrite report files in the local OpenClaw workspace.
The backtest script writes a report file under a fixed workspace location. This is expected for a backtest report, but it is still a file write and is broader than a read-only filesystem declaration would imply.
report_path = os.path.expanduser(f'~/.openclaw/workspace/projects/caipiao/reports/v3.8_backtest_{periods}periods.md')
with open(report_path, 'w', encoding='utf-8') as f:Run backtests only when you want local report files created, and check the output path if preserving existing reports matters.
Users may install different package versions than the author tested, which can affect reliability or supply-chain exposure.
The install guidance uses unpinned package names. These dependencies are expected for the stated machine-learning purpose, but unpinned installs can vary over time.
pip3 install scikit-learn numpy pandas
Install in a virtual environment from a trusted package index and consider pinning known-good dependency versions.