Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
分还是不分·Mean Girl关系诊断
v1.0.2分还是不分"关系决策分析 Skill。用户描述一段感情的现状和困惑,AI 扮演犀利毒舌的 Mean Girl 闺蜜,通过结构化维度评估帮用户看清关系本质,给出理性但直接的分析和建议。 触发场景包括: - 明确询问分不分手:分还是不分、要不要分手、纠结要不要分、我不知道要不要和他/她分手 - 感情困惑倾诉:这段关系...
⭐ 0· 61·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description and the SKILL.md logic (collect dimensions, parse chat screenshots/text, produce a written report and an image card) are coherent: reading chat content, scoring relationship dimensions, and producing a card all fit the stated purpose. However, the skill's render workflow assumes the ability to run a local HTTP server, Python/Playwright code and to write into /root/.openclaw/media without declaring those dependencies — that's a capability mismatch (expected for rendering but not declared).
Instruction Scope
Runtime instructions ask the agent to OCR/parse user-sent chat images and text (expected). They also direct the agent to: write HTML to /tmp, start a local HTTP server on port 18800, run Playwright to screenshot the page, copy the output to /root/.openclaw/media, and call message(action=send, channel=daxiang, media=...). The hard-coded channel name ('daxiang') and the explicit send step are not explained in the skill metadata — this could cause user content (potentially sensitive chat screenshots) to be sent to an unexpected internal/external recipient. Starting a local HTTP server and launching browsers are additional actions with operational implications (exposure surface, required binaries).
Install Mechanism
No install spec is provided (instruction-only), which minimizes supply-chain risk. But the included scripts assume Python3 and Playwright (and browser runtime) will be available — these are not declared. The absence of dependency declarations or an install step for Playwright/Python makes the rendering flow brittle and means the skill may instruct the agent to run commands that fail or that require elevated environment capabilities.
Credentials
The skill requires no environment variables or external credentials (good). Still, it writes media to /root/.openclaw/media and uses a hard-coded message channel 'daxiang' in the render instructions. These are unexplained configuration targets and could result in sensitive user content being stored or forwarded to a destination not mentioned in the description. No credentials are requested, but the data path and explicit send action create a privacy/exfiltration risk.
Persistence & Privilege
The skill is not always-enabled and doesn't request elevated platform privileges. It does write an image file into /root/.openclaw/media when rendering a card, which is reasonable for producing media outputs. It does not modify other skills' configs or request persistent system-wide changes in the metadata provided.
What to consider before installing
This skill's analysis and conversational flow align with its stated purpose, but the rendering instructions raise two practical/privacy concerns: (1) the script expects Python + Playwright + a browser runtime but the skill doesn't declare these dependencies — ask the author to add an install step or confirm the runtime has these tools; (2) the render flow copies the generated image to /root/.openclaw/media and calls message(action=send, channel=daxiang, ...). Ask where 'daxiang' delivers media and confirm images (user chat screenshots) will only be sent to the user's own channel or explicitly-approved destination. Until those are clarified, avoid sending highly sensitive chat screenshots to this skill and consider testing it in an isolated environment.Like a lobster shell, security has layers — review code before you run it.
latestvk97b3bk3hr9kzy4rwvg6sq5f8n845bgp
License
MIT-0
Free to use, modify, and redistribute. No attribution required.