Multi Group Chat Manager

Review

Audited by ClawScan on May 16, 2026.

Overview

This is a coherent group-chat profiling tool, but it can ingest group history and persist per-user profiles and ratings without clear technical access-control or consent safeguards.

Install only if you administer the relevant groups and members understand that messages may be used to build local profiles and scores. Configure only intended groups, protect the OneBot endpoint, review/delete the generated profiles and logs periodically, and do not rely on the private-query/privacy claims unless you add or verify real access controls.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Group members may be profiled, remembered, and treated differently by the agent based on stored chat-derived traits.

Why it was flagged

The skill writes per-user traits into persistent memory for later recall. Because these traits are derived from group chats, they can become long-lived context that affects future interactions.

Skill content
Each trait entry is stored in FluidMemory as an independent memory ... fm.store(user_id, item, tags=[field_label, source], field=field_key)
Recommendation

Use only for groups where this is expected and consented to; limit configured groups, define retention and deletion/opt-out procedures, and regularly review or purge stored profile files.

What this means

If the agent invokes this carelessly, one person's private score history and reasons could be shown to someone else.

Why it was flagged

The helper can return complete affection records for any supplied user_id, but the shown function does not take or verify a caller identity or administrator credential.

Skill content
def query_detail(user_id):
    """
    Detailed query (for administrator use).

    Returns the complete affection information and all score-increase/decrease entries.
    """
Recommendation

Add explicit caller/admin checks at the tool or skill layer, require user confirmation before detailed lookups, and redact or restrict reasons unless the requester is authorized.

What this means

Users may assume these privacy protections are technically guaranteed, when in fact they may depend on correct agent behavior and deployment discipline.

Why it was flagged

These are strong privacy guarantees, but the provided artifacts mainly show storage/query helpers and policy text; they do not clearly show technical enforcement of private-only queries or automatic PII filtering.

Skill content
✅ **Queries are private-chat only**, and others cannot look up your data
✅ **No private information is recorded** (addresses/passwords/names, etc.)
Recommendation

Document the limits of these guarantees, implement enforceable access checks and PII filtering where possible, and clearly tell group members what is collected and stored.

What this means

A misconfigured or exposed OneBot endpoint could broaden access to group data beyond the intended local bot setup.

Why it was flagged

The collector uses the configured OneBot HTTP API and the bot/account privileges behind it to read group message history. This is expected for QQ integration, but it is delegated account access.

Skill content
resp = requests.post(url, json=params or {}, timeout=timeout) ... params = {"group_id": int(group_id), "count": batch_size}
Recommendation

Keep the OneBot API bound to localhost or otherwise protected, configure only intended groups, and use OneBot authentication controls if available.