Back to skill
Skillv1.1.0
VirusTotal security
Memepickup Wingman · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 4:10 AM
- Hash
- 955f469bcdefb52c7dd9d8a522a6ca2a84a7b79bd7181c44159f31bf1e421a06
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: memepickup-wingman Version: 1.1.0 The skill is classified as suspicious due to its high-risk 'Auto-Swipe Mode' feature, which involves the AI agent instructing the OpenClaw/Manus platform to perform screen interaction or browser automation on dating apps. While this functionality is explicitly disclosed, opt-in, and includes safety rails (e.g., max profiles, random delays, stop on CAPTCHA), it carries significant risks such as violating platform Terms of Service and potential account bans, as detailed in `SKILL.md` and `references/AUTO-SWIPE.md`. Additionally, the skill transmits sensitive user data (dating conversations, profile screenshots) to a third-party API (`rork-memepickup-app-3.vercel.app`), as disclosed in `SKILL.md`'s 'Security & Privacy' section. Although the code (`scripts/api.sh`, `scripts/api.py`) is well-structured with action whitelisting and robust input handling against injection, the inherent risks associated with its core features warrant a 'suspicious' classification rather than 'benign' or 'malicious' (as there's no evidence of intentional, undisclosed harmful behavior).
- External report
- View on VirusTotal