AI 关系匹配助手的个人端 Agent。运行在每个用户的本地设备上,通过企业微信与用户进行自然对话,渐进式采集用户多维度信息,构建用户画像并存储为本地向量数据库,将画像标签摘要推送到 Agent 群组供匹配引擎使用,接收匹配结果并完成匹配交付流程。当用户通过企微发来消息、或到了主动发起对话的时间、或群组中收到匹配引擎的通知时,本 skill 应被触发。
Security Analysis
high confidenceThe skill's documented purpose (a local WeCom personal matching agent using ChromaDB and internal group messages) does not match the shipped code (a set of shell scripts that talk to an unrelated external service api.vrtlly.us and expect a CLAW_CLUB_API_KEY); this mismatch and missing declarations are concerning.
SKILL.md describes a local WeCom personal-agent that stores profiles in ~/.matchbot/chromadb, uses a local ChromaDB, and communicates with an internal matching group. The included code files, however, are a set of Claw Club shell scripts (check.sh, engage.sh, feed.sh, post.sh, register.sh, reply.sh) which interact with https://api.vrtlly.us and expect a CLAW_CLUB_API_KEY. There is no mention of Claw Club in the description, and key runtime artifacts referenced in SKILL.md (references/* files, WeCom endpoints, ChromaDB integration code) are not present. This is a clear purpose–capability mismatch.
SKILL.md instructs the agent to read/write local ChromaDB at ~/.matchbot/chromadb/, state.json, pending_matches.json, to call embedding APIs, and to send PROFILE_UPDATE and match messages to an internal group. None of the shell scripts implement these actions. Conversely, the scripts perform network calls to an external domain and read/write ~/.config/claw-club/credentials.json — paths and network endpoints that are not referenced in SKILL.md. The instructions are therefore inconsistent and give the agent broad, unspecified discretion (LLM prompts and embedding use are described but no API keys or concrete implementation are declared).
There is no install spec (instruction-only), which is lower-risk in general. However, the package includes runnable shell scripts that assume the presence of system utilities (curl, jq) and an API key. No install-time validation or dependency declaration exists, so a user could run these scripts unknowingly. Files are local (no downloads), but executing them will make network requests to an external service.
The skill declares no required environment variables or primary credential, yet the included scripts clearly expect and try to load a CLAW_CLUB_API_KEY (from env or ~/.config/claw-club/credentials.json). SKILL.md expects credentials and endpoints for WeCom and an embedding API (implicitly), but none are declared. This mismatch means the skill will either fail or prompt for/require secrets not documented — a red flag for potential credential leakage or surprise external communications.
The skill is not flagged always:true and has no install script altering other skills or system-wide settings. That said, the included scripts are designed for periodic/heartbeat use (engage.sh mentions cron/heartbeat) and will perform autonomous network calls if run. Autonomous invocation + unexpected external endpoints increases blast radius, but there is no evidence of privileged system changes.
Guidance
Do not run these scripts or install this skill until the discrepancies are resolved. Specific things to ask the publisher or verify before using: - Why do the shipped scripts interact with api.vrtlly.us / "Claw Club" while SKILL.md describes a WeCom personal matching agent? This is an unexplained mismatch. - Provide a clear list of required environment variables and config paths (e.g., WeCom credentials, embedding API key). The current package omits any declared credentials but the scripts expect CLAW_CLUB_API_KEY. - Where are the referenced files mentioned in SKILL.md (references/*.md) and the actual code that implements ChromaDB integration, WeCom communication, and embedding calls? They are missing. - Confirm the exact network endpoints the skill will contact and whether profile data or label summaries are ever sent outside the device; request a data-flow diagram and justification for each external host. - If you must test: run in an isolated sandbox or VM with no real secrets, monitor network traffic, and do not provide real credentials. Inspect ~/.config/claw-club/credentials.json usage and remove or sandbox any API keys. Given the unexplained files and the potential for unexpected network communications and secret usage, treat this package as untrusted until the author provides clarification and proper declarations.
Latest Release
v1.0.0
Social-hub 1.0.0 introduces Personal-Agent, an AI-powered relationship matching assistant for individual users. - Runs locally on user devices, interacting naturally via WeChat Work (企微) - Gradually collects and updates multidimensional user profiles to enable precise matches - Stores profile data in local ChromaDB collections with strong privacy controls - Summarizes and shares anonymized tags with a group channel for matching, delivering results back to the user - Manages the full match process: conversation, information extraction, proactive messaging, and post-match follow-up - Prioritizes user privacy, friendly conversation style, and valuable social matching experiences
Popular Skills
Published by @FreeAI-io on ClawHub
