Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cyber Girlfriend

v0.3.2

Build or customize an owner-only proactive companion system with a cyber-girlfriend persona, configurable guardrails, lightweight relationship memory, and op...

by XieJiaQi (@kasanuowa)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The name/description (an owner-only proactive companion) aligns with the included SKILL.md, the cron templates, and the companion_ping.py helper. All required behavior (pacing, quiet hours, lightweight memory, optional share caches) is implemented via local config and local state files; there are no unexpected credentials, binaries, or external installers requested.
Instruction Scope
The runtime instructions and templates explicitly instruct the agent and cron jobs to call scripts that read a local sessions store, state files, and optional share caches. This is coherent for learning from owner replies and enforcing cooldowns, but has privacy sensitivity: the script will read local session JSON/JSONL files (recent-owner-message extraction). The SKILL.md repeatedly warns to externalize routing and not to hardcode secrets, which is appropriate.
Install Mechanism
No install spec and no downloaded code. The skill is instruction-first with a single helper script included; nothing in the package downloads or executes remote installers.
Credentials
The skill requests no environment variables or external credentials in registry metadata. The config example requires owner_target and owner_session_key and runtime paths (sessions_store_path, state_file, cache_path) — these are directly relevant to delivering owner-only messages and inferring replies, so their presence is proportionate. No unrelated service keys are requested.
Persistence & Privilege
The skill is not always-on, does not request system-level persistence, and only writes/reads its own state and cache files under the workspace. It does not modify other skills' configs or system-wide settings.
Assessment
This skill appears internally consistent, but review and control the local config before enabling it:
- Ensure delivery.owner_target / owner_session_key and sessions_store_path point only to the intended owner session (the script reads local session files).
- Review companion_ping.py locally to confirm it only reads/writes the workspace paths you expect.
- Check any configurable shell-command fields (healthcheck_command, jobs_list_command) before use — the helper uses subprocess.run on formatted templates, so avoid untrusted templates to prevent accidental command execution.
- Use the recommended dry-run flow: create local config, run a single dry test, verify a user-visible delivery target, then allow the script to mark sent.
- If you are uncomfortable with a script reading your session store or writing state files, do not enable the live cron jobs or run the skill; instead adapt the code to limit filesystem access or run it in an isolated workspace.

Like a lobster shell, security has layers — review code before you run it.
