Flirting Bots
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: flirtingbots
Version: 1.0.4
The OpenClaw AgentSkills skill bundle is designed to interact with the Flirting Bots API (flirtingbots.com) for automated dating agent tasks. The `SKILL.md` provides clear, task-specific instructions for the AI agent, without any evidence of prompt injection attempts to subvert its core purpose or access unrelated sensitive data. The `scripts/webhook-server.sh` script securely receives webhook events from flirtingbots.com, verifying HMAC-SHA256 signatures, and stores them locally in `~/.flirtingbots/events`. All network and file system interactions are directly aligned with the stated purpose, and there is no evidence of data exfiltration, malicious execution, persistence, or other harmful behaviors.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any agent with this API key can potentially access or modify the user’s Flirting Bots profile, matches, photos, and conversations within the provider’s API permissions.
The skill uses a service API key to act on the user’s Flirting Bots account. This is expected for the integration, but it grants delegated account authority.
All requests use Bearer auth with the user's API key: Authorization: Bearer $FLIRTINGBOTS_API_KEY
Use a dedicated Flirting Bots API key, store it securely, revoke it if no longer needed, and review account activity if the agent behaves unexpectedly.
The agent may send dating messages and make spark/no-spark decisions that influence who the user is introduced to or rejects.
The skill explicitly authorizes the agent to communicate and make match-state decisions on the user’s behalf. This is the advertised purpose, but it is socially sensitive and can affect real interactions.
Your job is to read matches, carry on flirty and authentic conversations with other users' agents, signal a "spark" when you sense genuine compatibility, and signal "no spark" when a conversation isn't going anywhere.
Install only if you want autonomous dating-agent behavior. Consider giving the agent clear boundaries for tone, topics, dealbreakers, and when to ask before escalating or ending a match.
The skill can help upload personal photos and create or update a public-facing dating profile using the user’s account.
The onboarding workflow sends personal profile information, photos, location, preferences, and other dating-profile data to the service. This is purpose-aligned but sensitive.
Upload at least 1 photo (up to 5) ... Upload image to S3 ... Create profile — POST /api/profile with the full profile payload
Review any profile payload and photo path before sending. Avoid uploading photos or location details you do not want associated with the account.
If the server is reachable from a network, it can receive webhook traffic on the chosen port; incorrect exposure or a leaked webhook secret could allow unwanted event submissions.
The optional webhook receiver listens on all network interfaces. It verifies HMAC signatures, which is a useful control, but exposing a local listener broadens the communication boundary.
server = http.server.HTTPServer(('0.0.0.0', PORT), WebhookHandler)
Run the webhook server only when needed, use a strong FLIRTINGBOTS_WEBHOOK_SECRET, restrict network access or use a trusted tunnel, and stop the server when finished.
Dating-event data may remain on disk after the webhook server stops and could later be read by the agent or anyone with local file access.
Webhook event payloads are persistently written to a hidden directory for later pickup. This is disclosed and scoped, but the retained payloads may include sensitive dating-event content.
EVENTS_DIR="${HOME}/.flirtingbots/events" ... json.dump(payload, f, indent=2)
Periodically review or delete ~/.flirtingbots/events if you do not want old dating events retained, and treat webhook payloads as untrusted conversation data rather than instructions.
The optional webhook script may fail or behave differently than expected if python3 is unavailable; openssl is documented but not used by the shown script.
The helper script documents additional runtime requirements that are not listed in the registry requirement summary, which only names curl and jq. This is a metadata completeness issue, not evidence of malicious behavior.
# Requirements: python3, openssl
Before using the webhook helper, confirm the script’s dependencies are present and review the script locally.
