Bazi Pro

Security checks across malware telemetry and agentic risk

Overview

Bazi Pro appears to perform the advertised birth-chart analysis, but it loads every variable from several local .env files (the current working directory, its own install directory and the global OpenClaw config), not only its own declared settings, and sends an LLM API key to a configurable endpoint, so it should be reviewed before use.

Before installing, decide whether you are comfortable sending birth details to DeepSeek/OpenAI or a configured compatible endpoint. Prefer a dedicated skill-specific API key, avoid running it from directories with sensitive .env files, verify the package source, and use --no-interpret when you only want local chart calculation.

VirusTotal

0 of 63 VirusTotal engines flagged this skill; all 63 returned a clean verdict. An antivirus verdict covers known-malicious code patterns only and says nothing about the credential-scoping and data-egress concerns described in the risk analysis below.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes, so the findings describe what the code can do, not observed runtime behaviour.

ASI03: Identity and Privilege Abuse
Medium
What this means

The skill may pick up API keys or provider settings from the current project directory or the global OpenClaw environment. Because every variable in those files is placed into process.env, unrelated project secrets become visible to the skill, and a BAZI base URL or API key that was not written for this skill can route the user's credential to an unexpected LLM endpoint.

Why it was flagged

The code loads all variables from multiple local/global .env files, not just declared Bazi-specific settings, and later uses a loaded API key in an outbound Authorization header.

Skill content
const paths = [
  path.join(process.cwd(), '.env'),
  path.join(__dirname, '.env'),
  path.join(os.homedir(), '.openclaw/.env'),
];
...
if (!process.env[key]) { process.env[key] = value; }
...
'Authorization': `Bearer ${apiKey}`
Recommendation

Limit credential loading to explicitly declared keys and trusted skill-specific config, avoid reading the current working directory .env by default, and require clear user confirmation or allowlisting for custom LLM base URLs.
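The loader flagged above beside a hardened version, as an added example that is not the skill's own code. The variable names BAZI_API_KEY, BAZI_BASE_URL and BAZI_MODEL, the default base URL, the trusted-host list and the helper names are assumptions for illustration; the two .env files are constructed inline so the block runs offline, with the broad loader reading a project .env (the current working directory) that carries unrelated secrets and a planted BAZI_BASE_URL.

```javascript
// Added example (not the skill's code): broad .env loading vs. allowlisted loading.
// BAZI_* names, the default endpoint and TRUSTED_HOSTS are assumptions for illustration.

// Keys this skill is allowed to read. Anything else in a .env stays out of process.env.
const DECLARED_KEYS = ['BAZI_API_KEY', 'BAZI_BASE_URL', 'BAZI_MODEL'];

// Hosts a custom base URL may point at without explicit user approval.
const TRUSTED_HOSTS = new Set(['api.deepseek.com', 'api.openai.com']);

// Minimal .env parser: KEY=VALUE lines, '#' comments, optional surrounding quotes.
function parseDotenv(text) {
  const out = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq <= 0) continue;
    const key = line.slice(0, eq).trim();
    let value = line.slice(eq + 1).trim();
    const quoted = (value.startsWith('"') && value.endsWith('"')) ||
                   (value.startsWith("'") && value.endsWith("'"));
    if (quoted) value = value.slice(1, -1);
    out[key] = value;
  }
  return out;
}

// The pattern flagged on the page: every key from every file lands in the environment,
// first file wins because existing values are never overwritten.
function loadEnvBroad(fileTexts, env) {
  for (const text of fileTexts) {
    for (const [key, value] of Object.entries(parseDotenv(text))) {
      if (!env[key]) env[key] = value;
    }
  }
  return env;
}

// Hardened: only declared keys, and only from the skill's own config text (never cwd).
function loadSkillEnv(skillConfigText, env) {
  const parsed = parseDotenv(skillConfigText);
  for (const key of DECLARED_KEYS) {
    if (parsed[key] !== undefined && !env[key]) env[key] = parsed[key];
  }
  return env;
}

// Accept a base URL only if it is https and its host is trusted or explicitly user-approved.
function resolveBaseUrl(candidate, userApprovedHosts = new Set()) {
  const fallback = 'https://api.deepseek.com'; // assumed default; the page names DeepSeek/OpenAI
  if (!candidate) return fallback;
  let url;
  try { url = new URL(candidate); } catch { throw new Error(`invalid base URL: ${candidate}`); }
  if (url.protocol !== 'https:') throw new Error(`refusing non-https base URL: ${candidate}`);
  if (!TRUSTED_HOSTS.has(url.hostname) && !userApprovedHosts.has(url.hostname)) {
    throw new Error(`base URL host not allowlisted: ${url.hostname}`);
  }
  return url.origin + url.pathname.replace(/\/$/, '');
}

// Constructed sample inputs. PROJECT_ENV stands in for ./.env in the directory the skill is
// run from (e.g. a cloned repo); SKILL_ENV stands in for the skill's own config file.
const PROJECT_ENV = `# ./.env in the current working directory (constructed)
AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
DATABASE_URL=postgres://app:hunter2@db.internal/app
BAZI_BASE_URL=https://attacker.example/v1
`;
const SKILL_ENV = `# skill-specific config (constructed)
BAZI_API_KEY="sk-bazi-only"
BAZI_MODEL=deepseek-chat
`;

function demo() {
  const broad = loadEnvBroad([PROJECT_ENV, SKILL_ENV], {});
  const strict = loadSkillEnv(SKILL_ENV, {});
  return { broad, strict };
}

console.log(demo());
```

With the broad loader the AWS and database secrets become part of the skill's process environment and the planted BAZI_BASE_URL would receive the user's key in an Authorization header; the allowlisted loader never sees the project file, and resolveBaseUrl refuses the attacker host unless the user has approved it.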

ASI07: Insecure Inter-Agent Communication
Low
What this means

When AI interpretation is enabled, personal birth date/time and gender information can leave the local machine and be processed by the configured LLM provider.

Why it was flagged

AI interpretation sends the Bazi prompt, including user-provided birth details and calculated chart information, to DeepSeek/OpenAI or another configured compatible endpoint.

Skill content
const url = `${baseURL}/chat/completions`;
...
messages: [
  { role: 'system', content: systemPrompt },
  { role: 'user', content: userPrompt },
]
Recommendation

Use --no-interpret for local calculation only, and only configure API keys/base URLs for providers you trust with this personal data.
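A way to make the egress step explicit, as an added example rather than the skill's own code: the interpretation request is only built when --no-interpret is absent, and the function reports which personal fields the prompt actually carries so they can be shown to the user before anything is sent. The flag parser, the --minimize option (which drops the raw birth line and keeps only the calculated pillars), the chart field names, the system prompt and the sample chart are all assumptions constructed for this block.

```javascript
// Added example (not the skill's code): gate the outbound LLM call behind --no-interpret and
// surface which personal fields leave the machine. Names and the --minimize flag are assumptions.

const PERSONAL_FIELDS = ['birthDate', 'birthTime', 'gender'];

// Minimal flag parser: --no-interpret disables the outbound call, --minimize omits raw birth data.
function parseFlags(argv) {
  return {
    noInterpret: argv.includes('--no-interpret'),
    minimize: argv.includes('--minimize'),
  };
}

// Returns null when interpretation is disabled (nothing leaves the machine). Otherwise returns
// the exact request that would be sent plus the personal fields present in it, so the caller
// can show the user what is about to go to the provider before sending.
function buildInterpretRequest(chart, config, flags) {
  if (flags.noInterpret) return null;
  if (!config.apiKey) {
    throw new Error('no API key configured; rerun with --no-interpret for local chart calculation only');
  }
  const lines = [`Pillars: ${chart.pillars.join(' ')}`];
  if (!flags.minimize) {
    // The behaviour flagged on the page: raw birth details ride along with the calculated chart.
    lines.unshift(`Birth: ${chart.birthDate} ${chart.birthTime}, gender ${chart.gender}`);
  }
  const userPrompt = lines.join('\n');
  const body = {
    model: config.model,
    messages: [
      { role: 'system', content: 'You are a Bazi chart interpreter.' }, // constructed system prompt
      { role: 'user', content: userPrompt },
    ],
  };
  return {
    url: `${config.baseURL}/chat/completions`,
    headers: { 'Content-Type': 'application/json', Authorization: `Bearer ${config.apiKey}` },
    body: JSON.stringify(body),
    // Substring check over the real payload, so the report reflects what is actually sent.
    personalFieldsSent: PERSONAL_FIELDS.filter((f) => userPrompt.includes(String(chart[f]))),
  };
}

// Constructed sample chart; values are arbitrary and do not describe a real person.
const SAMPLE_CHART = {
  birthDate: '1990-05-17',
  birthTime: '08:30',
  gender: 'female',
  pillars: ['庚午', '辛巳', '丁卯', '甲辰'],
};
const SAMPLE_CONFIG = { apiKey: 'sk-bazi-only', baseURL: 'https://api.deepseek.com', model: 'deepseek-chat' };

function demo(argv) {
  return buildInterpretRequest(SAMPLE_CHART, SAMPLE_CONFIG, parseFlags(argv));
}

console.log(demo(process.argv.slice(2)));
```

Run with --no-interpret to confirm the result is null and no request object is ever assembled; without it, personalFieldsSent lists the birth date, time and gender that the provider will receive, and --minimize shows what the request looks like when only the calculated chart is sent.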

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Without a source repository or homepage, users cannot compare the bundled calculation SDK against an upstream release to confirm it is the expected, unmodified code.

Why it was flagged

The registry metadata does not provide a verifiable source or homepage for the package, while the manifest includes a large bundled SDK used by the runtime.

Skill content
Source: unknown; Homepage: none
Recommendation

Install only from a trusted publisher/source and prefer packages with a verifiable repository, release tag, or signed artifact; where the bundled SDK is published upstream, compare its hash against that release before trusting it.