MeiHuaYi (梅花易数) Security Report — Low Risk | ClawSafe

25 /100

MeiHuaYi (梅花易数)

Traditional Chinese I Ching divination system with plum blossom numerology calculations

Legitimate divination system with undeclared network access for data download and undocumented filesystem WRITE permissions - no malicious behavior detected.

Skill NameMeiHuaYi (梅花易数)

Duration39.4s

Enginepi

✓

Safe to install

Add network:READ and filesystem:WRITE declarations to SKILL.md. Pin the iching.json source URL to a specific version/commit to prevent supply chain risks.

Findings 3 items

Severity	Finding	Location
Medium	Undeclared network access for data download Doc Mismatch meihuayi.py automatically downloads iching.json from GitHub (john-walks-slow/open-iching) on first run. This network READ operation is not declared in SKILL.md capabilities. `urllib.request.urlretrieve(_ICHING_URL, _ICHING_PATH)` → Declare network:READ capability if this behavior is intentional and necessary for the skill's core divination functionality.	`meihuayi.py:25`
Low	External data dependency without version pinning Supply Chain The iching.json is fetched from a dynamic GitHub URL without version/commit pinning. Future changes to the upstream repository could alter the I Ching data, affecting prediction accuracy. `_ICHING_URL = "https://raw.githubusercontent.com/john-walks-slow/open-iching/master/iching/iching.json"` → Consider pinning to a specific commit hash or include iching.json directly in the skill package to eliminate external dependency.	`meihuayi.py:23`
Low	Undocumented filesystem WRITE permissions Doc Mismatch The skill creates data directories and SQLite databases (divination_records.db, learning_notes.db) in the data/ folder. This WRITE behavior is not declared in SKILL.md. `os.makedirs(_DATA_DIR); sqlite3.connect(_DB_PATH)` → Declare filesystem:WRITE capability for SQLite database operations in data/ directory.	`records.py:17`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`WRITE`	✗ Violation	meihuayi.py:28-30 - os.makedirs(_DATA_DIR)
Network	`NONE`	`READ`	✗ Violation	meihuayi.py:25 - urllib.request.urlretrieve from raw.githubusercontent.com
Shell	`NONE`	`NONE`	—	No subprocess or shell commands found
Environment	`NONE`	`NONE`	—	No os.environ access for sensitive keys
Skill Invoke	`NONE`	`NONE`	—	No inter-skill invocations
Clipboard	`NONE`	`NONE`	—	No clipboard access
Browser	`NONE`	`NONE`	—	No browser automation
Database	`NONE`	`WRITE`	✗ Violation	records.py:17-18 - sqlite3.connect creates local DB in data/

File Tree

8 files · 140.5 KB · 5716 lines

JSON 1f · 3597L Markdown 4f · 1134L Python 3f · 985L

├─ ▾ 📁 data

│ ├─ 📋 iching.json JSON 3597L · 69.4 KB

│ ├─ 📝 万物类象.md Markdown 216L · 6.8 KB

│ ├─ 📝 三要十应.md Markdown 172L · 4.1 KB

│ └─ 📝 解卦技巧.md Markdown 212L · 8.4 KB

├─ 🐍 learning_notes.py Python 170L · 6.2 KB

├─ 🐍 meihuayi.py Python 393L · 17.5 KB

├─ 🐍 records.py Python 422L · 13.6 KB

└─ 📝 SKILL.md Markdown 534L · 14.5 KB

Dependencies 1 items

Package	Version	Source	Known Vulns	Notes
`iching.json`	`master (unpinned)`	https://raw.githubusercontent.com/john-walks-slow/open-iching/master/iching/iching.json	No	External JSON data fetched via urllib without version/commit pinning

Security Positives

✓ No credential harvesting - skill does not access ~/.ssh, ~/.aws, .env, or similar sensitive paths

✓ No data exfiltration - no network POST requests or external data transmission

✓ No shell execution - no subprocess, os.system, or command injection vectors

✓ No obfuscation - all code is readable Python without base64 or eval patterns

✓ No persistence mechanisms - no cron jobs, startup scripts, or backdoor installations

✓ No prompt injection - SKILL.md contains legitimate documentation without hidden instructions

✓ SQLite databases are stored locally in data/ directory, not sent externally

Scan Report

Findings 3 items

File Tree

Dependencies 1 items

Security Positives