Mens Mental Health
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: mens-mental-health Version: 1.0.0 The skill bundle contains only metadata and a markdown description. The SKILL.md file, which is an attack surface for prompt injection, describes the skill's functionality and usage without any malicious instructions or attempts to manipulate the AI agent. It explicitly states that user data remains local on the machine, indicating no intent for data exfiltration. No other high-risk behaviors were identified.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If you use the tracking features, sensitive reflections about mood, stress, relationships, or crisis feelings could become part of local notes, chat history, or agent memory depending on how your agent stores data.
The skill encourages long-term tracking of mental-health patterns. That is aligned with the skill's purpose, but it can involve sensitive personal data and the artifact does not specify storage location, retention, or deletion controls.
"Pattern Tracking: Spot what triggers stress and what helps you recover" and "Tracking months of data shows you what actually moves the needle."
Before using long-term tracking, check the host agent's memory, logging, export, and deletion settings, and avoid recording details you would not want retained.
A user may share more sensitive information because of the local-only wording, while actual storage or transmission behavior may depend on the OpenClaw host, model provider, and memory settings.
This is a strong privacy assurance in a sensitive mental-health context. The artifact does not include code or implementation details showing how local-only storage is enforced, so users should treat it as a claim to verify rather than a technical guarantee.
"All data stays local on your machine. Nothing leaves your device without your explicit choice."
Verify the platform's privacy policy and local-memory settings before relying on the local-only claim for highly sensitive disclosures.