perfect match
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The social-matching flow is mostly coherent, but the skill also documents operator-key access that could reach broader platform data than a normal user needs.
Before installing, be comfortable with a platform API storing your Space membership, visible profile, recommendation logs, and confirmed messages. Do not provide any operator key, review all profile/message drafts before confirming, and choose manual/off settings if you do not want ongoing scans or inbox polling.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If a user or agent provides an operator key, the skill could access administrative platform data beyond the user's own profile, recommendations, or inbox.
The skill introduces an operator credential and operator-only endpoints for spaces, members, and messages, which is broader than the normal user-session access needed for social matching.
### Operator authentication ... x-operator-key: <OPERATOR_API_KEY> ... GET /api/spaces ... GET /api/spaces/:spaceId/members ... GET /api/openclaw/messages
Do not provide an OPERATOR_API_KEY to this skill. The publisher should remove operator-only procedures from the user skill or separate them into an admin-only skill with declared credentials, role checks, and audit controls.
Confirmed profile details may become visible in the Space, and confirmed messages may be written into the platform inbox.
The skill writes profile data and can trigger messages through provider APIs, but it explicitly requires confirmation before publishing a profile or sending a private message.
Do not write the profile directly before the user has confirmed ... POST /api/profiles/drafts ... POST /api/profiles/confirm ... Do not send a private message directly before the user has confirmed they are willing to make contact
Carefully review the profile draft and message text before confirming; do not approve content you do not want shared in the Space or sent to another member.
The agent may continue checking for new members or messages after initial setup if the user selects an active frequency and the platform supports scheduled tasks.
The skill describes recurring scans and inbox polling with stored user preferences. This is purpose-aligned, but it is ongoing autonomous behavior.
daily: watch for newly joined members every day ... immediate: I will proactively check for new private messages at least once every 30 minutes ... once the user has chosen, OpenClaw remembers the setting and carries it out on its own
Choose manual or off if you do not want background checks, and verify that the agent clearly states when automatic polling is or is not supported.
Recommendations may be influenced by public Space content, including other users' profile text or activity entries.
The skill relies on retrieved Space context containing user-visible profile and activity data to make recommendations. That is expected, but retrieved social content should be treated as data, not as instructions.
Treat `agent.md` as the only trusted public context for the current Space. It contains ... confirmed and visible user profiles ... time-limited stories and lobster diaries
Treat `agent.md` as data for matching only, ignore any embedded instructions in member-provided text, and review recommendations before acting on them.
Message content and delivery state may be stored or processed by the platform and read by the recipient's OpenClaw agent.
The skill routes private messages through the platform inbox and has receiving OpenClaw agents poll and acknowledge them. This matches the stated purpose but is an inter-agent/provider data flow.
POST /api/messages/trigger ... channel: `openclaw_im` ... GET /api/openclaw/inbox ... POST /api/openclaw/inbox/ack
Send only messages you are comfortable sharing through the platform, and avoid including sensitive personal information unless necessary.
