Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Last Words

v1.0.0

Auto-deliver final messages to loved ones after 30 days of inactivity. Use when user wants to record a final message, configure email delivery, manage voice...

by Leon Liu (@dilboy)

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for dilboy/last-words.

Install the skill "Last Words" (dilboy/last-words) from ClawHub.
Skill page: https://clawhub.ai/dilboy/last-words
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

openclaw skills install last-words

ClawHub CLI

npx clawhub@latest install last-words
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's requested capabilities (record messages, monitor chat activity, send email attachments) align with the stated purpose. It legitimately needs an SMTP account to deliver email and needs access to local OpenClaw session files to detect activity. However, the repository includes a secure_storage module for encrypting secrets but the interactive configuration flow and configure_delivery.py store SMTP credentials directly in the local SQLite database (no call to secure_storage), so the claimed 'secure storage' is not actually wired into the save path.
! Instruction Scope
SKILL.md instructs the agent to collect SMTP authorization codes via chat and to run local scripts that save those credentials. The code then writes the SMTP password into the local SQLite DB in plaintext (configure_delivery.py -> database.save_config). The instructions claim passwords are masked in chat and stored locally only, but masking in chat does not prevent the credential from being captured in chat logs or the DB. Also, check_activity.py's warning email implementation appears to set the warning recipient to config['contact'] (the configured recipient), which means warnings intended for the user may be sent to the recipient — a surprising/incorrect behavior that could leak information to third parties.
Install Mechanism
There is no remote install/download step; the skill contains local scripts and a deploy.sh for manual remote deployment. No external, arbitrary downloads or URL-extraction installs are used. The lack of an install spec in registry metadata is fine for a script-based skill, though the package includes multiple executable scripts that will be written to disk when installed.
! Credentials
Registry metadata declares no required env vars, but the skill requires SMTP credentials (smtp_user/smtp_pass/contact) to function. It also supports loading from a .env file and mentions LAST_WORDS_MASTER_PASSWORD / secure_storage for encryption, yet the configure path does not use secure_storage to encrypt the password. So the skill requests highly sensitive secrets (email auth code) for a plausible reason, but the handling is inconsistent and exposes those secrets locally (and potentially in chat logs).
Persistence & Privilege
The skill does not request special global privileges and isn't marked always:true. It stores data under ~/.openclaw/last-words and creates a local SQLite DB and audio files. One additional behavioral note: the debug mode enables immediate sending of messages (bypassing the 30-day wait), which increases the risk of accidental or unexpected delivery if enabled — consider auditing or disabling debug mode before configuring sensitive credentials. Autonomous invocation is allowed by default (normal), so the skill could run its daily check if installed and scheduled.
What to consider before installing
Before installing or entering credentials:

  1. Treat the SMTP auth code as highly sensitive. The skill will ask for it and will store it in the local SQLite DB in plaintext by default. Although a secure_storage module exists, it is not used by the configure flow — so your credential will be stored unencrypted unless you modify the code.
  2. Prefer creating a dedicated/send-only email account (or application-specific password) for this feature rather than using your primary email account. That limits blast radius if the DB is exposed.
  3. Avoid pasting secrets into chat if you can. Use the --from-env path with a .env file or set environment variables and then run python3 configure_delivery.py --from-env so the credential is read from the environment file instead of being typed into the chat flow. Still be aware .env files on disk are another local secret store to protect.
  4. If you need encryption: either (a) set LAST_WORDS_MASTER_PASSWORD and modify configure_delivery.py to call secure_storage.secure_store before saving smtp_pass, or (b) patch configure_delivery.py to encrypt before database.save_config — otherwise stored secrets remain plaintext.
  5. Review/test the code in an isolated environment first. Note debug_mode allows immediate sends — keep debug disabled until you have validated recipients and credentials. Also confirm where warning emails go: the current implementation may send inactivity warnings to the configured 'contact' (recipient) rather than to the user, which could leak status information.
  6. If you are uncomfortable with local storage of credentials or with the skill having the ability to send email autonomously, do not install it or audit and patch the credential handling first.

Like a lobster shell, security has layers — review code before you run it.

MIT-0

Last Words - 最后留言

Manage final messages to be delivered to loved ones when the user is unreachable for an extended period.

Overview

This skill helps users record a final message (voice or text) to be delivered to their parents or loved ones if they haven't been active for 30 days. The system:

  1. Records and stores the final message securely (text + optional voice/audio)
  2. Monitors user activity via chat history
  3. Sends warning notifications at 10 and 20 days of inactivity
  4. Automatically delivers the message after 30 days of no activity (email includes voice as attachment if available)
  5. Supports delivery via email (WeChat and phone are planned)

Workflow

1. Record a Final Message

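When the user says something like "我想给我爸妈留下最后一句话" (English: "I want to leave some last words for my mom and dad"):

  1. Respond: "可以,请说吧,顺便提醒一下这句话默认设置半个月没和我聊天记录的话就会自动触发" (English: "Sure, go ahead. By the way, a reminder: by default this message is triggered automatically if there is no chat record with me for half a month")
  2. Accept voice or text input as the message content
  3. Save the message using: scripts/save_message.py --message "content" [--audio-path path]
  4. Confirm: "已保存,请确认发送形式:邮件 或 微信" (English: "Saved. Please confirm the delivery method: email or WeChat")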

2. Configure Delivery Settings

Ask user to choose delivery method:

  • 邮件 (Email): Collect email address
  • 微信 (WeChat): Collect WeChat ID (placeholder - not yet implemented)
  • 电话 (Phone): Collect phone number (placeholder - not yet implemented)

Save settings using: scripts/configure_delivery.py --method email --contact "address@example.com"

3. Interactive Email Configuration (Chat)

Users can configure email settings through natural chat conversation:

Trigger phrases:

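  • "配置最后留言邮箱" (English: "Configure Last Words email")
  • "设置最后留言邮箱" (English: "Set up Last Words email")
  • "最后留言 配置邮箱" (English: "Last Words configure email")
  • "最后留言 设置邮箱" (English: "Last Words set up email")
  • "修改最后留言邮箱" (English: "Change Last Words email")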

Interactive flow:

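  1. Ask for sender email:

    • Respond: "请提供你的发件邮箱(用于发送留言的邮箱,目前支持QQ邮箱):" (English: "Please provide your sender email address (the mailbox used to send the message; QQ Mail is currently supported):")
    • Wait for user input: e.g., "your-email@qq.com"
  2. Ask for authorization code:

    • Respond: "请提供邮箱授权码(不是登录密码)。QQ邮箱授权码获取方式:登录QQ邮箱→设置→账户→开启POP3/SMTP服务→获取授权码:" (English: "Please provide the mailbox authorization code (not the login password). How to get a QQ Mail authorization code: log in to QQ Mail → Settings → Account → enable the POP3/SMTP service → get the authorization code:")
    • Wait for user input: e.g., "xxxxxxxxxxxxxxxx"
  3. Ask for recipient email:

    • Respond: "请提供收件人邮箱(父母/亲人的邮箱):" (English: "Please provide the recipient's email address (your parents' or loved ones' mailbox):")
    • Wait for user input: e.g., "parent@example.com"
  4. Confirm and save:

    • Show summary: "配置确认:\n发件人:{smtp_user}\n收件人:{contact}\n是否确认保存?(确认/取消)" (English: "Configuration summary:\nSender: {smtp_user}\nRecipient: {contact}\nSave this configuration? (confirm/cancel)")
    • If user confirms:
      • Run: python3 scripts/configure_delivery.py --method email --contact "{contact}" --smtp-host smtp.qq.com --smtp-port 465 --smtp-user "{smtp_user}" --smtp-pass "{smtp_pass}"
      • Respond: "✓ 邮箱配置已保存。正在测试邮件发送..." (English: "✓ Email configuration saved. Testing email delivery...")
      • Run test: python3 scripts/debug_mode.py on then python3 scripts/debug_mode.py send
      • Respond with result
    • If user cancels: "已取消配置。" (English: "Configuration cancelled.")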

Security notes for interactive config:

  • Passwords are masked in chat display (e.g., "授权码已收到:************", English: "Authorization code received: ************")
  • Credentials are stored locally only
  • User can reconfigure anytime by saying "修改最后留言邮箱" (English: "Change Last Words email")

4. Voice/Audio Support

Users can attach a voice recording to their message:

Option A: Save existing audio file

python3 scripts/audio_manager.py save /path/to/recording.wav

Option B: Record from microphone (if available)

python3 scripts/audio_manager.py record

Play back saved audio:

python3 scripts/audio_manager.py play

List all saved audio files:

python3 scripts/audio_manager.py list

The audio file will be attached to the email when the final message is delivered.

5. Debug Mode Management (Chat)

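Users can manage debug mode through normal chat conversation by explicitly mentioning "最后留言" ("Last Words"):

Enable debug mode: When user says: "最后留言 开启调试模式" ("Last Words turn on debug mode"), "最后留言 打开调试" ("Last Words open debug"), or "最后留言 启用调试" ("Last Words enable debug")

  1. Run: python3 scripts/debug_mode.py on
  2. Respond: "最后留言调试模式已开启。现在可以立即发送测试消息,无需等待30天。" (English: "Last Words debug mode is on. You can now send a test message immediately, without waiting 30 days.")

Disable debug mode: When user says: "最后留言 关闭调试模式" ("Last Words turn off debug mode") or "最后留言 禁用调试" ("Last Words disable debug")

  1. Run: python3 scripts/debug_mode.py off
  2. Respond: "最后留言调试模式已关闭。系统恢复正常运行(30天无活动后发送)。" (English: "Last Words debug mode is off. The system has returned to normal operation (sends after 30 days of inactivity).")

Check debug mode status: When user says: "最后留言 调试模式状态" ("Last Words debug mode status") or "最后留言 调试状态" ("Last Words debug status")

  1. Run: python3 scripts/debug_mode.py status
  2. Show current status and configuration summary

Send immediate test (when debug mode is on): When user says: "最后留言 立即发送测试" ("Last Words send test immediately") or "最后留言 测试发送" ("Last Words test send")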

  1. Run: python3 scripts/debug_mode.py send
  2. Report result: delivery success/failure details

6. Daily Check Process

Run scripts/check_activity.py daily via cron to:

  • Check last chat timestamp
  • Send warning at 10 days of inactivity
  • Send warning at 20 days of inactivity
  • Deliver final message at 30 days of inactivity (with audio attachment if available)

Commands Reference

Save Message (text only)

python3 scripts/save_message.py --message "爸爸妈妈我爱你们"

Save Message with Audio

# First save the audio file
python3 scripts/audio_manager.py save /path/to/voice-recording.wav

# Or record directly (requires microphone)
python3 scripts/audio_manager.py record

Configure Delivery

python3 scripts/configure_delivery.py --method email --contact "parent@example.com"
# Methods: email, wechat, phone

Audio Management

python3 scripts/audio_manager.py save /path/to/audio.wav   # Save existing audio
python3 scripts/audio_manager.py record                    # Record from mic
python3 scripts/audio_manager.py play                      # Play saved audio
python3 scripts/audio_manager.py list                      # List all audio files

Check Activity (run daily)

python3 scripts/check_activity.py

Get Status

python3 scripts/get_status.py

Reset/Clear Data

python3 scripts/reset.py

Debug Mode (Testing)

Enable debug mode to bypass the 30-day wait and test immediate delivery:

Enable/Disable debug mode:

python3 scripts/debug_mode.py on       # Enable debug mode
python3 scripts/debug_mode.py off      # Disable debug mode
python3 scripts/debug_mode.py status   # Check debug mode status

Immediate send in debug mode:

python3 scripts/debug_mode.py send     # Send message immediately (debug)

Or use the check script with debug flag:

python3 scripts/check_activity.py --debug-send  # Force immediate send

When debug mode is enabled:

  • Messages can be sent immediately without waiting 30 days
  • Use for testing email delivery, audio attachments, etc.
  • The system will still log the delivery as a debug/test delivery
  • Disable debug mode for normal operation

Data Storage

All data is stored in a SQLite database at ~/.openclaw/last-words/data.db:

  • message: Stores the final message content and audio path
  • config: Stores delivery method and contact information
  • activity_log: Tracks daily check results and deliveries
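
The scan above reports that smtp_pass is written to this database unencrypted. The following audit is an added example, not part of the skill's code: it checks the file's permissions and flags credential-named fields that hold short readable text. The column layout of the config table is not shown on this page, so the script handles both a column-per-setting and a key/value layout; the name pattern and the 64-character plaintext heuristic are assumptions.

```python
import os
import re
import sqlite3
import stat
from pathlib import Path

# Names that usually label a credential (assumed heuristic, not the skill's schema).
SECRET_NAME = re.compile(r"\w*(pass|secret|token)\w*", re.I)

def _looks_plain(val):
    # Assumed heuristic: short text is treated as a readable secret; BLOBs and
    # long strings (typical for ciphertext envelopes) are treated as opaque.
    return isinstance(val, str) and 0 < len(val) < 64

def _scan_row(table, cols, row):
    hits = []
    for i, (col, val) in enumerate(zip(cols, row)):
        if SECRET_NAME.fullmatch(col) and _looks_plain(val):
            # Layout 1: one column per setting, e.g. a column named smtp_pass.
            hits.append(f"{table}.{col}: readable value ({len(val)} chars)")
        elif (isinstance(val, str) and SECRET_NAME.fullmatch(val)
              and i + 1 < len(row) and _looks_plain(row[i + 1])):
            # Layout 2: key/value rows, e.g. ('smtp_pass', '<value>').
            hits.append(f"{table}[{val}]: readable value ({len(row[i + 1])} chars)")
    return hits

def audit_db(path):
    """Report loose file permissions and readable secrets; never echo values."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"file mode {mode:o} allows group/other access")
    # Open read-only so the audit cannot modify the skill's data.
    con = sqlite3.connect(Path(path).resolve().as_uri() + "?mode=ro", uri=True)
    try:
        names = [r[0] for r in con.execute(
            "SELECT name FROM sqlite_master WHERE type='table'")]
        for table in names:
            cur = con.execute(f'SELECT * FROM "{table}"')
            cols = [d[0] for d in cur.description]
            for row in cur:
                findings += _scan_row(table, cols, row)
    finally:
        con.close()
    return findings

if __name__ == "__main__":
    db = Path.home() / ".openclaw" / "last-words" / "data.db"  # path from this page
    for line in (audit_db(db) if db.exists() else ["no database found"]):
        print(line)
```

The output lists field names and value lengths only, so it can be pasted into a bug report without exposing the credential.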

Security & Privacy

  • Messages are stored locally only
  • No cloud storage or external API calls for message content
  • Email delivery uses user's configured SMTP settings
  • All scripts run within OpenClaw sandbox

Setup Daily Check

Add to OpenClaw cron:

openclaw cron add --name "last-words-check" --schedule "0 9 * * *" --command "python3 ~/.openclaw/workspace/last-words/scripts/check_activity.py"
