qimen-pan-skill 安全扫描报告 — 可信 | ClawSafe

0 /100

qimen-pan-skill

奇门遁甲排盘技能。支持阴阳遁、局数、八门九星八神落宫、断卦解盘自动化分析。

This is a legitimate traditional Chinese divination (奇门遁甲) tool with pure computational code and no malicious behavior detected.

技能名称qimen-pan-skill

分析耗时28.0s

引擎pi

✓

可以安装

This skill is safe to use. No security concerns identified.

资源类型	声明权限	推断权限	状态	证据
文件系统	`NONE`	`NONE`	—	No filesystem access in any script
网络访问	`NONE`	`NONE`	—	No network requests in any script
命令执行	`NONE`	`NONE`	—	No subprocess or shell execution in Python scripts; backup.sh is local-only
环境变量	`NONE`	`NONE`	—	No access to os.environ or sensitive environment variables
技能调用	`NONE`	`NONE`	—	No skill_invoke calls
剪贴板	`NONE`	`NONE`	—	No clipboard access
浏览器	`NONE`	`NONE`	—	No browser interaction
数据库	`NONE`	`NONE`	—	No database access

4 项发现

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/version-2.0.1-blue.svg

README.md:5

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/python-3.8+-green.svg

README.md:6

🔗

中危外部 URL 外部 URL

https://python.org

README.md:6

🔗

中危外部 URL 外部 URL

https://img.shields.io/badge/license-MIT-orange.svg

README.md:7

目录结构

7 文件 · 79.0 KB · 2353 行

Python 2f · 1592L Markdown 4f · 691L Shell 1f · 70L

├─ ▾ 📁 references

│ └─ 📝 奇门基础知识.md Markdown 134L · 4.1 KB

├─ ▾ 📁 scripts

│ ├─ 🔧 backup.sh Shell 70L · 1.8 KB

│ ├─ 🐍 qimen_pan_v2.py Python 1214L · 47.3 KB

│ └─ 🐍 qimen_pan.py Python 378L · 12.2 KB

├─ 📝 CHANGELOG.md Markdown 238L · 5.7 KB

├─ 📝 README.md Markdown 281L · 6.9 KB

└─ 📝 SKILL.md Markdown 38L · 1.0 KB

安全亮点

✓ Pure Python implementation with no external dependencies

✓ No network requests, no credential access, no data exfiltration

✓ No shell execution (subprocess, os.system, or shell scripts executed by Python)

✓ backup.sh is a local-only file backup utility with no remote reach

✓ Code is well-structured astronomical/calendar computation: lunar calendar conversion, solar term calculation, true solar time correction, and divination logic

✓ SKILL.md accurately describes all functionality

✓ No base64, eval, curl|bash, pip install, or other high-risk patterns

✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)

✓ No hidden functionality or steganographic payloads