Scan Report
5 /100
replyher
AI communication coach for dating, workplace, and social messaging with multi-language support (Chinese/English)
ReplyHer is a pure text-based communication coach with no code execution, credential access, or data exfiltration. The only script present (publish.sh) is a legitimate CI/CD deployment tool for developers, not the AI agent itself.
Safe to install
This skill is safe to use. The publish.sh script requires shell access but is a developer tool for deployment only, not accessible to the AI agent.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | SKILL.md contains no filesystem access declarations |
| Network | NONE | NONE | — | No network calls in AI behavior |
| Shell | NONE | NONE | — | publish.sh is developer tooling, not AI-accessible |
| Environment | NONE | NONE | — | No environment variable access declared or observed |
| Skill Invoke | NONE | NONE | — | No cross-skill invocation observed |
| Clipboard | NONE | NONE | — | No clipboard operations |
| Browser | NONE | NONE | — | No browser automation |
| Database | NONE | NONE | — | No database access |
2 findings
Medium External URL 外部 URL
https://replyher.com README.md:45 Medium External URL 外部 URL
https://clawhub.ai/skills/replyher publish.sh:26 File Tree
3 files · 18.2 KB · 511 lines Markdown 2f · 485L
Shell 1f · 26L
├─
publish.sh
Shell
├─
README.md
Markdown
└─
SKILL.md
Markdown
Security Positives
✓ Pure text-based AI skill with no code execution capabilities
✓ No credential harvesting or sensitive data access
✓ No network requests or data exfiltration
✓ No obfuscation techniques (base64, eval, etc.)
✓ Clear documentation matching actual behavior
✓ Safety guidelines present for respecting boundaries
✓ publish.sh is legitimate CI/CD tooling, not malicious