Hinge Agent - Barney Stinson

Warn

Audited by ClawScan on May 18, 2026.

Overview

The skill is coherent for Hinge automation, but it can take over a logged-in dating account, send likes/messages/roses, use local OpenAI credentials, and persist or send sensitive dating data.

Install only if you are comfortable letting it control a live logged-in Hinge session. Prefer non-sending or like-only modes, keep the app visible, review any OpenAI/Appium configuration it will use, and periodically delete or inspect the hinge-data folder.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If launched in daemon/autonomous mode, the skill may continue driving the logged-in Hinge session and make social/account actions while it is running.

Why it was flagged

This documents autonomous takeover behavior in a live dating-app session after a short observation period.

Skill content

By default, Barney observes manual usage for 90 seconds at startup, then takes over.

Recommendation

Use the least-powerful mode, avoid full_access unless you want autonomous sending, keep the UI visible, and stop the daemon when finished.

What this means

With an active Appium session, the skill’s helper can potentially operate other apps or UI elements on the device if invoked incorrectly.

Why it was flagged

The generic Appium helper can activate arbitrary bundle IDs and the same script exposes tap/type operations, rather than technically limiting control to Hinge.

Skill content

const bundleId = getArg('--bundle-id', process.env.IOS_BUNDLE_ID || ''); ... request('POST', `/session/${sessionId()}/appium/device/activate_app`, { bundleId });

Recommendation

Restrict automation to the Hinge bundle/session, require confirmation for taps/types outside Hinge-specific helpers, and avoid exposing generic Appium commands to autonomous workflows.

What this means

The skill may use your existing OpenAI credential and incur provider usage or send dating context under that account without an explicit credential declaration.

Why it was flagged

The script searches local OpenClaw configuration for an OpenAI API key, while the registry metadata declares no primary credential or required env vars.

Skill content

path.resolve(__dirname, '..', '..', '..', 'openclaw.json') ... const key = config?.models?.providers?.openai?.apiKey;

Recommendation

Require explicit opt-in for OpenAI credentials, document the exact credential sources, and prefer a skill-specific config entry over reading global OpenClaw provider settings.

What this means

Sensitive dating profiles, screenshots, or conversation context may leave the device and be processed by third-party services.

Why it was flagged

The skill is designed to send profile/thread context to external AI/provider services, but the artifacts do not clearly define redaction, retention, or provider data boundaries.

Skill content

use Rizz API lines as inspiration only; use OpenAI inference to return one best message, backups, and risk notes

Recommendation

Ask before sending live profile/thread data to providers, redact unnecessary personal details, and clearly document which external services receive which data.

What this means

Private dating preferences, observed behavior, and message style may remain on disk and be reused in later sessions.

Why it was flagged

The skill persists sensitive dating behavior and style/taste in local memory that can later influence autonomous decisions.

Skill content

Persisted outputs: `hinge-data/user-observation.json` session logs; `profile-preferences.json` updates to `user.chatStyleExamples`, `user.observedInterestHints`, and `user.observationSummary`

Recommendation

Keep hinge-data in a dedicated private directory, review or delete stored observations regularly, and do not enable persistence if you only need one-off drafting.

What this means

An additional local helper may run and process drafted message text if present on the machine.

Why it was flagged

The AI script can auto-detect and execute an optional ai-humanizer CLI from another local skill, which is related to message drafting but is not clearly disclosed in SKILL.md.

Skill content

path.join(codexHome, 'skills', 'ai-humanizer', 'src', 'cli.js') ... spawnSync(process.execPath, [cliPath, 'humanize', '--json', '--autofix']

Recommendation

Document optional helper execution, let users disable it, and avoid auto-running helper code from other skills unless explicitly selected.