Daily Roleplay Game
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: daily-roleplay-game Version: 1.0.2 The OpenClaw AgentSkills skill bundle 'daily-roleplay-game' is designed for an AI-driven roleplay game involving 'hidden kink guessing' and 'multi-backend image generation' (including NSFW content). While the nature of the content is adult-oriented, the skill includes explicit controls to manage sensitive information and content generation. Specifically, `kink_game_enabled.json` is reset daily to `false` by `ENGINE.md` and `scripts/setup.sh`, requiring explicit user command to enable the NSFW aspects. Furthermore, `ENGINE.md`, `AGENTS.md`, and `HEARTBEAT.md` contain strict, repeated instructions to the AI agent (e.g., '⛔ 禁止泄漏', '⛔ 禁止输出执行报告') to prevent leakage of un-guessed 'kinks' or internal system information to the user. Local file operations and external API calls (for news, weather, and image generation) are aligned with the stated purpose. There is no evidence of unauthorized data exfiltration, malicious execution, persistence mechanisms beyond user-configured OpenClaw cron jobs, or obfuscation. The prompt injection instructions are aimed at enforcing game rules and content restrictions, not subverting the agent for harmful purposes.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the setup script can create files and an agent in your OpenClaw environment.
The skill explicitly asks the user to execute a local shell setup script that modifies the OpenClaw workspace and creates an agent. This is expected for deployment, but it is still local code execution.
安装后运行部署脚本 ... `./skills/daily-roleplay-game/scripts/setup.sh` ... 脚本会自动:1. 创建 `role-play` agent ... 2. 部署引擎文件 ... 到 `~/.openclaw/workspace-role-play/`
Review the setup script before running it, and run it only from a trusted copy of the skill.
The roleplay system may keep generating, archiving, or sending daily content after setup if scheduled tasks are configured.
The skill discloses creating a separate agent and scheduled daily initialization/wrap-up behavior. This is purpose-aligned, but it can continue operating until the user disables the schedule.
创建 `role-play` agent ... 定时任务 — 添加 6:00 初始化 + 23:30 收尾归档 ... 6:00 — 自动初始化 ... 23:30 — 自动收尾(wrapup.sh)
Only configure the cron/scheduled tasks if you want ongoing daily automation, and remove those schedules to stop the game.
Your personal roleplay preferences, explicit game history, and generated content may remain on disk and influence future sessions.
The game stores user-provided personal details, roleplay state, guess history, achievements, and archives for reuse across sessions.
`USER.md` — 填写你的个人信息 ... `MEMORY.md` — 配置消息频道 ... `roleplay-active.md` ... `guess-log.md` ... `archive/` ... `history_tracker.json`
Avoid entering sensitive real-world personal information, keep the workspace private, and periodically review or delete archives/history files.
Generated roleplay messages or images could be delivered to a chat channel or image provider you configure.
The skill can send messages/images through configured channels and use external or local image-generation backends. This is disclosed and user-configured, but it crosses privacy boundaries.
`MEMORY.md` — 配置消息频道(discord/telegram/feishu/last) ... `TOOLS.md` — 配置生图工具(ComfyUI/SD WebUI/Midjourney/Nano Banana Pro ...) ... 发送早安消息 + 生图自拍
Use private channels and trusted image backends, and confirm where content will be sent before enabling messaging or image generation.