Liaomei Skill
Pass
Audited by VirusTotal on May 8, 2026.
Overview
Type: OpenClaw Skill
Name: liaomei-skill
Version: 2.0.0
The skill functions as a social interaction logger but introduces a potential shell injection vulnerability by instructing the AI agent to persist data using bash commands (e.g., `printf` and `>>`) without a robust escaping mechanism for user-provided content. If the agent includes single quotes from user input within the command string, it could lead to arbitrary command execution. Additionally, the skill performs automated file system modifications, such as moving directories in the user's home folder for data migration (`SKILL.md`), which is a high-privilege side effect.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private relationship history and emotional notes may remain on disk and be reused for future coaching.
The skill persistently stores a user profile, invitation history, interactions, conversations, and reviews, which can include sensitive dating, emotional, and social information.
`profile.json` | User profile ... `invitations.jsonl` ... `interactions.jsonl` ... `conversations.jsonl` ... `reviews.jsonl`
Use aliases instead of real names, avoid storing details you would not want saved, and periodically review or delete the generated files.
The agent may create folders and move old social-coach data on first use.
The skill directs the agent to run local shell commands to create directories and migrate older skill data. This is not hidden and is scoped to the skill's own data paths.
On first use, use Bash ... automatically migrate old v1.x data ... `mkdir -p "$DATA_DIR"`
Check the reported DATA_DIR path on first use, and set LIAOMEI_DATA if you want the records stored somewhere specific.
A record could be saved locally when you continue the conversation without explicitly saying 'yes, save it.'
The save flow is mostly confirmation-based, but this wording allows implicit confirmation by continuing the conversation. That is purpose-aligned for a logging skill, but users may want more explicit control.
After the user confirms (or the user raises no objection and moves on to something else), append to `invitations.jsonl`
Tell the agent clearly when you do not want something saved, and use the documented correction/deletion commands for unwanted records.
