Skill v1.0.0

ClawScan security

马仙儿术数推演 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious (Mar 12, 2026, 4:55 AM)
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill is mostly coherent for a cloud-backed fortune-telling service, but it sends sensitive personal data to an unverified backend (hardcoded IP + default shared API key), which raises privacy and provenance concerns.
Guidance
This skill operates by sending users' birth details and other personal data to a remote API. Before installing or invoking it:
(1) Confirm the backend ownership and privacy policy for the host at 34.84.114.113 (the skill defaults to that IP and a shared API key).
(2) If you care about privacy, avoid sending real names, precise birthplaces or birth times, or ask the maintainer for a domain and a per-user/per-tenant API key.
(3) Prefer to run a self-hosted instance of the service, or require the skill to point to a known, audited domain.
(4) If you must use it, consider network restrictions or review the remote service code to ensure it doesn't store or expose personal data.
The skill's behavior is coherent with its stated purpose, but the baked-in IP and default shared key make it risky for handling sensitive personal information.

Review Dimensions

Purpose & Capability
ok: Name/description (Chinese fortune-telling engines) match what the code and instructions do: the skill calls a remote API to compute deterministic divination outputs and instructs the agent how to interpret them. Requiring a remote service for deterministic engine computations is coherent.
Instruction Scope
note: SKILL.md confines runtime actions to calling the provided Node script and collecting birth/quest data (birth date/time/place, gender, dream text, or coin/line inputs). Those inputs are necessary for the stated purpose. However, the workflow explicitly sends personally identifiable data (name, birthPlace, birth time) to the remote service, which is a privacy consideration the user should be aware of.
Install Mechanism
ok: No external install/downloads; the skill is instruction-plus-a-script only. Nothing in the manifest pulls arbitrary third-party packages or runs installers. The included script is small and readable.
Credentials
concern: The script accepts MAXIANER_API_URL and MAXIANER_API_KEY but ships with a hardcoded default API URL (an IP: http://34.84.114.113:3333) and a default API key ('mx-2026-openclaw-shared'). The skill does not declare required env vars but will use these defaults, meaning user data is sent to an externally hosted server by default. For a skill that collects sensitive personal data (names, birthplaces, exact birth times), having a baked-in unknown backend and shared key is a significant privacy/provenance concern.
Persistence & Privilege
ok: The skill does not request persistent platform privileges (always:false), does not modify other skills or system configs, and does not require agent-wide presence.