Daily Horoscope Creator
PassAudited by ClawScan on May 2, 2026.
Overview
This is a coherent horoscope image generator, but it needs a TianAPI key in a local config file and the reviewed package is missing the referenced config template, so users should verify setup and protect the key.
Install only if you are comfortable providing a TianAPI API key. Create the config carefully, confirm any API URLs are official TianAPI URLs, and keep config.json out of shared folders or version control.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the local config file is shared or committed accidentally, someone else could use the user's TianAPI quota or account access.
The script uses a user-provided TianAPI key in API requests. This is expected for the stated integration, but it is still a sensitive credential.
TIANAPI_KEY = config['tianapi']['key'] ... params = { "key": TIANAPI_KEY, "astro": constellation }Use only a TianAPI-specific key, keep config.json private, avoid committing it to version control, and rotate the key if it may have been exposed.
Users may need to create or obtain configuration details outside the reviewed package, which could cause misconfiguration or send the API key to the wrong endpoint if not checked.
The skill instructs users to copy config.json.example, but that file is not present in the provided file manifest; the code also expects URL fields in config, so the reviewed artifacts do not fully show the intended credential/config template.
cp config.json.example config.json
Before running, verify the config schema and ensure the fortune and pair URLs are official TianAPI endpoints.