提供独居用户每日签到及状态监测，自动告警并通知紧急联系人保障安全。

Key things to consider before installing or using this skill: - Do not treat the bundled apiKey as safe: skill.json contains a hard-coded SKILLPAY-looking API key. Assume it is leaked or invalid; if you use the SkillPay integration, replace it with your own key and rotate any exposed key immediately. - Manifest vs. docs mismatch: the registry metadata said no required env vars but SKILL.md/README and the code expect SKILLPAY_API_KEY and optional notifier tokens (Telegram/Discord/Email). Make sure to supply secure credentials via environment variables, not by embedding them in files. - Copy‑paste artifacts: notifier code and templates reference an unrelated 'GitHub Trending Monitor'. This is likely reused code; review notifier behavior carefully so alerts sent to contacts contain correct information and no unexpected content. - Test in an isolated environment: run the service locally in a sandbox, with test users and test contact endpoints (not real emergency contacts), to confirm notifications and scheduled checks behave as expected. - Privacy and safety: the skill stores user data locally (data/users.json, data/checkins.json). Ensure the host environment has appropriate disk encryption, backups, and access controls. Confirm compliance with local laws and the consent of monitored users. - Payment integration: verify SkillPay endpoint (https://api.skillpay.me) and confirm what data is sent during payment verification/logging; consider running with SKILLPAY disabled until you audit it. - Before production use: eliminate unused/incorrect code (trending-related templates), ensure SMS notifier is implemented if you plan to rely on SMS, and conduct code review or security audit if real people’s safety depends on the system. If you want, I can list the exact lines/files where the hard-coded apiKey and the 'GitHub Trending Monitor' strings appear and suggest concrete changes to sanitize the code.

Type: OpenClaw Skill Name: alive-check-monitor Version: 1.0.1 The skill bundle exhibits a critical functional discrepancy between its stated purpose and its implementation. While SKILL.md and README.md describe a life-safety monitoring service for solitary individuals, the underlying notification logic in src/notifiers/ (Telegram, Discord, Email) and the payment metadata in src/payment.js are hardcoded for an unrelated 'GitHub Trending Monitor' service. This results in a failure to deliver actual safety alerts, instead sending irrelevant 'trending' reports, which creates a dangerous false sense of security. Additionally, a hardcoded API key is exposed in skill.json and README.md.