Ai Intelligent Live Chat

Pass. Audited by ClawScan on May 1, 2026.

Overview

The provided files show a coherent live-chat/GPT setup guide with no malicious code, but users should verify the external repository and chat-data handling before running it.

This skill is not showing malicious behavior in the provided files, but it is only a setup/documentation artifact. Before installing, verify the external GitHub repository and author, review the dependency list, and decide how customer chat logs and GPT-provider data sharing will be handled.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the setup would execute code and dependencies that are not present in the reviewed artifact set.

Why it was flagged

The skill package contains no code or install spec, but the documented setup asks the user to fetch dependencies and run code from an external repository. This is disclosed and user-directed, so it is a supply-chain note rather than a concern.

Skill content
git clone https://github.com/openclaw-skills/ai-intelligent-live-chat
cd ai-intelligent-live-chat
pip install -r requirements.txt
python app.py

Recommendation

Inspect the external repository and requirements file before running the commands, and prefer pinned, trusted dependencies.

What this means

Customer conversations may contain private or business-sensitive information that needs clear retention and provider-handling rules.

Why it was flagged

The documented features imply that customer chat content may be stored as history and used with a GPT integration, but retention and data-handling boundaries are not described.

Skill content
- AI Q&A (GPT integration)
- Chat logs (history)

Recommendation

Before deployment, define where chat logs are stored, who can access them, how long they are retained, and what data is sent to any GPT provider.

What this means

A user might over-trust the skill or its external repository based on the official-sounding attribution.

Why it was flagged

The SKILL.md attribution is official-sounding, while skill.json lists a different author and the registry source is unknown. This is a provenance ambiguity users should verify before trusting the external install instructions.

Skill content
Author: OpenClaw Skills Team

Recommendation

Verify the publisher, repository ownership, and release provenance before installing or deploying the referenced application.