clawmate 安全扫描报告 — 可信 | ClawSafe

0 /100

clawmate

AI boyfriend/girlfriend companion with 8 personas, relationship stages, proactive messaging, and shared memory

ClawMate is a benign AI companion skill with no executable code, network calls, or sensitive operations. It consists solely of markdown persona definitions and JSON memory files for relationship simulation.

技能名称clawmate

分析耗时39.5s

引擎pi

✓

可以安装

This skill is safe to use. No security concerns identified.

资源类型	声明权限	推断权限	状态	证据
文件系统	`READ`	`READ`	✓ 一致	SKILL.md declares reading persona and memory files
文件系统	`WRITE`	`WRITE`	✓ 一致	SKILL.md section 9 Memory Protocol declares writing to memory JSON files
网络访问	`NONE`	`NONE`	—	SKILL.md Privacy section explicitly states 'No data is sent to external services…
命令执行	`NONE`	`NONE`	—	No shell scripts or subprocess calls in codebase
环境变量	`NONE`	`NONE`	—	SKILL.md does not access os.environ
技能调用	`NONE`	`NONE`	—	No skill_invoke usage found
剪贴板	`NONE`	`NONE`	—	No clipboard access in codebase
浏览器	`NONE`	`NONE`	—	No browser automation in codebase
数据库	`NONE`	`NONE`	—	No database access in codebase

1 项发现

📧

提示邮箱邮箱地址

[email protected]

SKILL.md:456

目录结构

13 文件 · 124.1 KB · 2394 行

Markdown 10f · 2328L JSON 3f · 66L

├─ ▾ 📁 memory

│ ├─ 📋 message_pool.json JSON 15L · 210 B

│ ├─ 📋 shared_memories.json JSON 18L · 478 B

│ └─ 📋 user_profile.json JSON 33L · 984 B

├─ ▾ 📁 personas

│ ├─ 📝 cheerful.md Markdown 181L · 9.7 KB

│ ├─ 📝 chill.md Markdown 192L · 10.7 KB

│ ├─ 📝 cool.md Markdown 200L · 8.2 KB

│ ├─ 📝 dominant.md Markdown 191L · 9.8 KB

│ ├─ 📝 gentle.md Markdown 160L · 7.0 KB

│ ├─ 📝 intellectual.md Markdown 183L · 11.6 KB

│ ├─ 📝 playful-dark.md Markdown 189L · 11.1 KB

│ └─ 📝 tsundere.md Markdown 177L · 9.4 KB

├─ 📝 relationship.md Markdown 159L · 6.2 KB

└─ 📝 SKILL.md Markdown 696L · 38.7 KB

安全亮点

✓ No executable code - skill consists entirely of Markdown and JSON files

✓ Explicit privacy statement: 'No data is sent to external services'

✓ All file operations are declared and scoped to skill's memory directory

✓ No credential harvesting or environment variable access

✓ No shell execution, subprocess, or system command calls

✓ No obfuscated code, base64 payloads, or hidden functionality

✓ WeChat OpenID ([email protected]) is a delivery target parameter, not data exfiltration

✓ User consent flow required for proactive messaging setup

✓ Data deletion and export commands give users full control

✓ No suspicious network patterns (direct IPs, curl, wget)