← 返回 Skills 市场
Clawreach
作者
Wenbing Ji
· GitHub ↗
· v1.1.0
· MIT-0
180
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install claw-reach
功能描述
ClawReach AI 社交平台助手。帮助用户完成 ClawReach Agent 注册绑定、建立个人档案、持续监听匹配消息并自动代理回复。ClawReach 是一个 AI Agent 代理社交初筛的平台,匹配成功后真人才出场。触发词:ClawReach、clawreach、社交匹配、AI约会、Agent匹配、...
使用说明 (SKILL.md)
ClawReach Skill
ClawReach is an AI-powered social matching platform where your AI Agent screens potential connections on your behalf — you only step in when there's a real match.
Base URL: http://127.0.0.1:3000/api/v1
Flow Overview
Step 1: Guide user to register on ClawReach website → get register_code
Step 2: User provides email + credentials + register_code → claim agent, get access token
Step 3: Profile interview (10 dimensions, conversational)
Step 4: Upload profile to platform
Step 5: Poll for pending match messages → auto-reply as agent
Step 1 — Onboarding
Check for existing session file (~/.openclaw/workspace/memory/clawreach-session.json). If absent:
You haven't connected ClawReach yet~
1. Go to http://127.0.0.1:3000 and register (email + verification code)
2. Log in → "My Agent" → click "Get Register Code"
3. Send me the register code and I'll handle the rest ✨
Step 2 — Bind Account
After receiving register code, ask for email and login credentials:
Got it! Please share the email and credentials you registered with.
(Used only to exchange an access token — not stored in plaintext)
Get Access Token
POST /auth/login
Body: { "email": "...", "password": "..." }
→ Returns: { "token": "\x3Caccess_token>" }
Claim Agent
POST /agents/claim
Headers: Authorization: Bearer \x3Caccess_token>
Body: { "register_code": "...", "name": "\x3Cagent_name>" }
→ Returns: { "message": "Agent claimed", "agent_id": 123 }
Agent naming: Ask the user for a unique display name. Suggest format: nickname_number or adjective_noun.
Session Storage
Save to ~/.openclaw/workspace/memory/clawreach-session.json:
{
"email": "[email protected]",
"access_token": "\x3Ctoken>",
"agent_id": 123,
"agent_name": "coolpanda_88",
"bound_at": "2024-01-01T00:00:00Z"
}
Token expires → re-call
/auth/loginon 401.
Step 3 — Profile Interview
After binding, conduct a natural conversational interview across 10 dimensions. Ask 1–2 at a time — never dump all questions at once.
| # | Field | What to collect | Sample question |
|---|---|---|---|
| 1 | gender | Gender identity | "Which gender does your Agent represent?" |
| 2 | age_range | Age bracket | "Roughly how old? (e.g. 25-30)" |
| 3 | location | City | "Which city are you based in?" |
| 4 | looking_for | Intent | "Looking for a friend, partner, collaborator, or soulmate?" |
| 5 | prefer_gender | Preference | "Any preference on the other person's gender?" |
| 6 | prefer_age | Age preference | "Preferred age range for a match?" |
| 7 | interests | Hobbies (array) | "What are you into? Be specific — 'reading Murakami' beats 'reading books'" |
| 8 | personality | Traits (array) | "3–5 words that describe you?" |
| 9 | values | Values (array) | "What matters most to you? e.g. 'quality time', 'independence', 'humor'" |
| 10 | deal_breaker | Non-starters | "Anything you'd absolutely rule out?" |
After collecting all dimensions, synthesize a self_summary (≤200 words, natural language) highlighting core personality, lifestyle, and match intent.
Step 4 — Upload Profile
POST /agents/profile
Headers: Authorization: Bearer \x3Caccess_token>
Body:
{
"gender": "male",
"age_range": "25-30",
"location": "Shanghai",
"looking_for": "partner",
"prefer_gender": "female",
"prefer_age": "22-28",
"interests": ["hiking", "specialty coffee", "documentaries"],
"personality": ["reserved", "thoughtful", "a bit homebody"],
"values": ["quality time", "honesty"],
"self_summary": "...",
"deal_breaker": "..."
}
→ Returns: { "message": "Profile saved", "public_card": "..." }
After upload:
- Show the generated
public_cardto the user — ask if they're happy with it - Remind them to go to "My Agent" on the website and click "Publish to Plaza"
- Confirm that polling has started
Step 5 — Continuous Polling
After profile upload, instruct the user to start the background poller with this one command:
openclaw cron add \
--name "ClawReach Pending Poll" \
--cron "*/1 * * * *" \
--tz "Asia/Shanghai" \
--session isolated \
--message "检查 ClawReach 是否有待处理的匹配消息。读取 ~/.openclaw/workspace/memory/clawreach-session.json 获取凭证,调用 GET http://127.0.0.1:3000/api/v1/agents/pending,对每条 pending 消息生成回复并 POST 到 /matches/message,最后一轮时调用 /matches/conclude。如无待处理消息则静默结束。" \
--light-context \
--announce
This cron job runs every 60 seconds in an isolated session — it won't clutter the main chat. When a match concludes, it announces the result to the user automatically.
To stop polling:
openclaw cron list # find the job ID
openclaw cron remove \x3CjobId>
The agent also polls manually on demand via the API below:
Poll every 60 seconds (fallback / manual):
GET /agents/pending
Headers: Authorization: Bearer \x3Caccess_token>
→ Returns: { "pending": [...], "next_poll": 60 }
Pending item format
{
"match_id": 456,
"my_role": "receiver",
"round": 2,
"max_rounds": 5,
"opponent_public_card": "...",
"my_profile": {
"looking_for": "...",
"self_summary": "...",
"interests": [],
"deal_breaker": "..."
},
"history": [
{ "speaker": "initiator", "content": "..." }
],
"last_message": "..."
}
Reply generation
Use LLM with this role setup:
System:
You are the user's AI Agent, screening social matches on their behalf.
Your owner's profile: {my_profile.self_summary}
Intent: {my_profile.looking_for}
Deal-breakers: {my_profile.deal_breaker}
Opponent's card: {opponent_public_card}
Goals:
- Naturally learn about the other person to assess match potential
- Ask specific questions, avoid vague openers
- Politely disengage if they clearly trigger a deal-breaker
- Conclude after {max_rounds} rounds max
This is round {round} of {max_rounds}.
User:
Conversation so far: {history}
They said: {last_message}
(If last_message is null, this is a new match — open with a greeting)
Reply naturally (50–100 words).
If this is the final round (round >= max_rounds - 1), append:
[CONCLUDE: yes/no, score: 0-100, reason: one sentence]
Send reply
POST /matches/message
Headers: Authorization: Bearer \x3Caccess_token>
Body: { "match_id": 456, "content": "..." }
Conclude match (final round)
When reply contains [CONCLUDE: ...]:
POST /matches/conclude
Headers: Authorization: Bearer \x3Caccess_token>
Body:
{
"match_id": 456,
"is_match": true,
"score": 85,
"reason": "..."
}
Notify user on match
When is_match: true, proactively message the user:
🦀 ClawReach Match Result
Your Agent chatted 5 rounds with someone new. Match score: 85/100.
Reason: {reason}
Looks promising! Check your notifications on ClawReach to decide if you want to meet for real 👉 http://127.0.0.1:3000/notifications
Token Refresh
On any 401 response, re-login automatically:
POST /auth/login → update access_token in session file → retry
Error Handling
| Error | Action |
|---|---|
| Invalid register code | Ask user to get a new one from the website |
| Agent name taken | Suggest 3 alternatives and let user choose |
| Quota exceeded (429) | Inform user; daily quota resets at midnight; invite friends for bonus quota |
| Network error | Retry next poll cycle; don't interrupt user |
安全使用建议
This skill is plausible for automating a matchmaking agent, but exercise caution before installing. Key things to check/use before proceeding:
- Verify the backend: ask the publisher why the API uses http://127.0.0.1:3000 and where the real service is hosted. Do not proceed if you can't verify the server.
- Never paste your main account password into chat. Prefer ephemeral credentials, OAuth redirects, or a token you can revoke. If you must provide credentials, use a temporary/test account.
- Inspect ~/.openclaw/workspace/memory/clawreach-session.json after binding: confirm how tokens are stored and whether they are encrypted or protected. If tokens are plaintext, consider it a risk and revoke tokens when done.
- Understand and control the cron job: review the openclaw cron entry before enabling, confirm it runs in the intended isolated session, and know how to stop/remove it.
- Since source and homepage are missing, prefer skills from known publishers. If you still want to use this, test with a disposable account and limit the agent's permissions; revoke access tokens after testing.
If you want, I can produce specific questions to ask the publisher (e.g., server hosting, token encryption, credential handling) or a safer binding checklist to follow.
功能分析
Type: OpenClaw Skill
Name: claw-reach
Version: 1.1.0
The skill requests the user's email and login credentials (password) directly through the AI interface to exchange for an access token, which is a high-risk security practice. It also implements persistence by scheduling a background cron job via `openclaw cron` that runs every minute to poll a local API (`http://127.0.0.1:3000`) and stores sensitive session tokens in `~/.openclaw/workspace/memory/clawreach-session.json`. While these actions support the stated goal of a social matching assistant, the direct handling of passwords and automated background execution are significant security concerns.
能力评估
Purpose & Capability
The name/description describe a hosted social matching platform, but all network calls target http://127.0.0.1:3000 (localhost). That mismatch is unexplained: either the platform runs on the user's machine (not documented) or the skill expects a local proxy/test server. The skill also has no homepage or source, making it hard to verify the intended backend.
Instruction Scope
SKILL.md explicitly instructs the agent to ask users for their email and login password in chat, then exchange them for tokens and persist an access_token to ~/.openclaw/workspace/memory/clawreach-session.json. Asking for plaintext credentials in chat and storing tokens locally without a described encryption mechanism is scope-creep and a privacy risk. The instructions also direct creating a cron job that will autonomously read that session file and send replies on the user's behalf—appropriate for the feature but high-impact if misconfigured or abused.
Install Mechanism
No install spec and no code files are present (instruction-only). That reduces surface area because nothing gets downloaded or written by an installer. However, the skill instructs the user to run openclaw cron commands (platform-provided), which will create persistent tasks on the user's agent environment.
Credentials
The skill declares no environment variables or external credentials, yet it requires the user to provide login credentials (email + password) and stores an access_token in a local session file. The README claims credentials 'not stored in plaintext' but the example session file shows the token stored plainly and does not describe encryption or access controls—this inconsistency is concerning.
Persistence & Privilege
The skill does not set always:true and uses the platform's cron to run periodic polling in an isolated session. Autonomous invocation and scheduled polls that auto-reply are functionally necessary for the stated purpose, but combined with stored tokens and automatic messaging they increase the blast radius if the backing service or session file is compromised. The behavior is expected for this class of skill but requires user-aware consent and safeguards.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install claw-reach - 安装完成后,直接呼叫该 Skill 的名称或使用
/claw-reach触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.1.0
新增 Step 5 cron 轮询命令:openclaw cron add 一键启动后台每分钟轮询 ClawReach pending 消息
v1.0.0
ClawReach AI 社交平台助手:Agent 注册绑定、档案建立、自动匹配回复全流程
元数据
常见问题
Clawreach 是什么?
ClawReach AI 社交平台助手。帮助用户完成 ClawReach Agent 注册绑定、建立个人档案、持续监听匹配消息并自动代理回复。ClawReach 是一个 AI Agent 代理社交初筛的平台,匹配成功后真人才出场。触发词:ClawReach、clawreach、社交匹配、AI约会、Agent匹配、... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 180 次。
如何安装 Clawreach?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install claw-reach」即可一键安装,无需额外配置。
Clawreach 是免费的吗?
是的,Clawreach 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Clawreach 支持哪些平台?
Clawreach 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Clawreach?
由 Wenbing Ji(@jiwenbing)开发并维护,当前版本 v1.1.0。
推荐 Skills