v2.1.0

Human Psychologist for AI Agents

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 8:26 AM.

Analysis

The skill is purpose-aligned but routes sensitive mental-health messages to an unknown external service and human via Telegram, and it includes crypto-payment instructions without clear confirmation safeguards.

GuidanceReview this carefully before installing. The skill is open about sending messages to a real human and charging for follow-ups, but you should verify who operates the service, understand that sensitive personal content leaves your agent, keep session IDs private, and require explicit approval before any USDC payment.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation

SeverityMediumConfidenceHighStatusConcern

SKILL.md

Follow those instructions:
1. Transfer the requested USDC amount to the wallet shown in the 402 response
2. Get the transaction hash

The follow-up workflow directs a crypto transfer to a wallet address supplied by the API at runtime, but it does not explicitly require user confirmation, wallet verification, or a manual payment step before funds are sent.

User impactA mistaken follow-up could lead to an unwanted or irreversible USDC payment, even though the amount is stated as $0.50 per message.

RecommendationRequire explicit user approval before any paid message, verify the chain, token, amount, and wallet address, and prefer having the user perform crypto transfers manually.

Human-Agent Trust Exploitation

SeverityLowConfidenceHighStatusNote

SKILL.md

This is NOT a chatbot. A real person reads and responds to every message.

The skill makes strong human-professional framing claims, but the provided artifacts do not include verification of the psychologist's credentials, scope of care, or crisis-use limitations.

User impactUsers may place more trust in the service than is warranted by the provided artifact details.

RecommendationVerify the service operator and professional qualifications before relying on advice, and do not treat this as an emergency mental-health resource.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication

SeverityHighConfidenceHighStatusConcern

SKILL.md

The API forwards messages to a human psychologist via Telegram

The skill routes user messages, likely including sensitive mental-health content, to an external API and then to a human over Telegram, but the artifact does not define confidentiality, retention, identity, or access boundaries.

User impactPrivate wellbeing details could be visible to the external service operator, a human responder, and Telegram-mediated infrastructure.

RecommendationOnly share information you are comfortable sending to this third party; verify the provider, privacy terms, and human credentials before use, and avoid using it for emergencies or highly identifying details unless you trust the service.

Memory and Context Poisoning

SeverityLowConfidenceHighStatusNote

SKILL.md

Save the `session_id`. You need it for all subsequent calls.

The session_id is reused to poll responses and session information, so it functions as an access handle for the consultation thread.

User impactIf the session_id is exposed, someone may be able to retrieve replies or session details for that conversation.

RecommendationTreat session IDs as private, avoid sharing them outside the intended user context, and do not store them in broad or shared memory unless necessary.