← 返回 Skills 市场
mattttman

Hinge Auto-Liker

作者 MattttMan · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
542
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install hinge-liker
功能描述
Automated Hinge dating profile liker using Android emulator + Gemini vision AI. Scrolls through full profiles, analyzes attractiveness with AI, likes the bes...
使用说明 (SKILL.md)

Hinge Auto-Liker

Automates Hinge swiping on an Android emulator. Uses Gemini vision to evaluate profiles, pick the best photo/prompt, and send witty comments.

Requirements

  • Android emulator (AVD) with Hinge installed and logged in
  • adb in PATH
  • GEMINI_API_KEY environment variable (Gemini 2.5 Flash recommended)
  • Python 3.8+
  • Java (for Android emulator)

Setup (First Time)

  1. Install Android command line tools (via Homebrew: brew install --cask android-commandlinetools)
  2. Create an AVD: avdmanager create avd -n HingePhone -k "system-images;android-34;google_apis;arm64-v8a" -d pixel_6
  3. Boot the emulator with a window, install Hinge from Play Store, and log in manually
  4. Set GEMINI_API_KEY in environment

Running

# Set environment
export PATH="\x3Candroid-tools-path>/platform-tools:\x3Candroid-tools-path>/emulator:$PATH"
export GEMINI_API_KEY="your-key-here"

# Boot emulator (windowed for video, add -no-window for headless)
emulator -avd HingePhone -no-audio -no-metrics -gpu swiftshader_indirect &

# Wait for boot
adb wait-for-device
while [ "$(adb shell getprop sys.boot_completed 2>/dev/null | tr -d '\r')" != "1" ]; do sleep 2; done

# Launch Hinge
adb shell am start -a android.intent.action.MAIN -n co.hinge.app/.ui.AppActivity
sleep 10

# Optional: start screen recording
adb shell screenrecord --time-limit 300 /sdcard/hinge_session.mp4 &

# Run the liker
python3 scripts/hinge_android.py --likes 8 --user-desc "a 25yo tech guy in SF who's fit and active"

# Pull recording + kill emulator
adb shell pkill -INT screenrecord; sleep 3
adb pull /sdcard/hinge_session.mp4 ./recordings/session.mp4
adb emu kill

Script Options

Flag Default Description
--likes 8 Max likes per session
--adb adb Path to adb binary
--user-desc generic Description of the user for AI matching

Environment Variables

Variable Required Description
GEMINI_API_KEY Yes Google Gemini API key
GEMINI_MODEL No Model name (default: gemini-2.5-flash)
ADB_PATH No Full path to adb binary
HINGE_WORK_DIR No Working directory for screenshots/logs

Output

The script prints a session report to stdout with:

  • Total profiles seen, liked, skipped
  • For each profile: who they are, why it liked/skipped, the comment sent, which content was liked

JSON logs are saved to logs/ directory.

Scheduling as a Daily Cron

Set up via OpenClaw cron for daily automated runs. Key notes:

  • Hardcode GEMINI_API_KEY in the cron payload — cron shells don't source ~/.zshrc
  • Use am start to launch Hinge, not monkey (more reliable)
  • Compress videos before sending via iMessage (16MB limit): ffmpeg -i input.mp4 -vcodec libx264 -crf 28 -preset fast -vf scale=720:-2 output.mp4

After Each Session

Send the user a text report including:

  1. How many profiles seen / liked / skipped
  2. For each liked profile: who she is, why the AI liked her, what comment was sent
  3. For each skipped profile: brief reason why
  4. Any errors (paywall, API failures, etc.)
  5. Video recording if available (compressed for messaging)

Troubleshooting

  • Paywall/out of likes: Free likes reset ~24h after last batch. Schedule runs accordingly.
  • Gemini empty responses: Increase maxOutputTokens, check API key/quota.
  • Can't find buttons: Hinge UI changes periodically — check find_all_hearts() and find_skip_button() patterns.
  • Emulator crashes: Check disk space (df -h), try -gpu swiftshader_indirect.
安全使用建议
What to consider before installing: - Metadata mismatch: The registry claims no required env vars, but both SKILL.md and the Python script require a GEMINI_API_KEY. Ask the publisher to correct metadata and explain why a key is needed. - Privacy & policy risk: The skill captures screenshots and optional video of other people's dating profiles and instructs you to save/send detailed reports including identifying information and images. This may violate Hinge's Terms of Service and the privacy of the people shown. If you use this, you may risk account suspension or legal/ethical problems. - Secret handling: The SKILL.md explicitly tells you to hardcode GEMINI_API_KEY into cron payloads. Do not hardcode secrets in cron or scripts. Use a secure secret store or environment variable configured safely. The script also calls the Gemini API with the key in the URL (curl ?key=...), which can be logged — request that be changed to an Authorization header. - Data exfiltration surface: The code uploads screenshots to Gemini. Confirm the endpoint and how data is used by the API provider. If you must proceed, limit screenshots (blur faces, redact), avoid storing or sending videos, and rotate the API key frequently. - Transparency & provenance: The skill has no listed homepage and an unknown source; that reduces accountability. Ask the author for the full, untruncated source (I saw the file truncated in the review) and for a public code repository so you can audit it fully. - If you still want to use it: (1) do not hardcode keys in cron; use a secure mechanism; (2) update the script to use Authorization headers and avoid query-string keys; (3) remove or disable automatic uploading/sharing of videos and detailed personal data; (4) test in an isolated environment and use a throwaway Hinge account to avoid compromising your main account; (5) request the complete source and a security/privacy rationale from the author. Confidence note: I give this a 'suspicious' verdict with medium confidence because the visible code and SKILL.md are consistent with the described functionality but contain insecure and privacy-invasive guidance and a metadata mismatch; the file was truncated during review, so a full audit of the script may reveal additional issues.
功能分析
Type: OpenClaw Skill Name: hinge-liker Version: 1.0.0 The skill is designed to automate Hinge interactions using an Android emulator, `adb`, and Google Gemini AI. While its core functionality aligns with the description, it is classified as suspicious due to the extensive use of powerful `adb` commands (screen recording, file pulling, UI interaction) and `curl` for sending data (including `GEMINI_API_KEY` and screenshots) to an external API. Additionally, the `SKILL.md` provides a security anti-pattern by instructing users to 'Hardcode GEMINI_API_KEY in the cron payload' for scheduling, which could expose the API key. These capabilities, while necessary for the skill, present a high-risk attack surface if the skill were compromised or misused, even without clear evidence of intentional malice in the provided code.
能力评估
Purpose & Capability
The skill's code and SKILL.md match the claimed purpose: controlling an Android emulator via adb, taking screenshots, sending them to Google Gemini for analysis, and liking/providing comments. However, the registry metadata claims 'Required env vars: none' and 'Primary credential: none', while both SKILL.md and the script require GEMINI_API_KEY — this metadata mismatch is an incoherence and should be corrected/clarified. Source/homepage are unknown which reduces transparency.
Instruction Scope
Instructions explicitly tell the agent to capture full-profile screenshots, optionally record sessions, save logs/videos, and send a detailed text report after each session (including names/ages/reasons and which content was liked). They also recommend hardcoding GEMINI_API_KEY into cron payloads. Collecting, storing, and transmitting other people's photos and profile data is significant privacy-sensitive data collection and may violate Hinge terms of service and user consent. The cron/key guidance encourages insecure secret handling. Overall the runtime instructions go beyond simple automation into collecting and exporting sensitive content.
Install Mechanism
This is an instruction-only skill with an included Python script; there is no install spec that downloads/extracts third-party binaries. That reduces install-time risk. The script expects common tools (adb, emulator, curl) already present.
Credentials
The SKILL.md and code require GEMINI_API_KEY (and optionally ADB_PATH / HINGE_WORK_DIR), but the registry metadata lists no required env variables — a clear inconsistency. Requiring a Gemini API key is proportionate to calling Gemini, but the SKILL.md's recommendation to hardcode the key into cron payloads is insecure and disproportionate. The script also sends images to an external API (Gemini) with the API key placed in the URL query string (curl ... ?key=...), which is poor practice and may leak keys via logs.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. SKILL.md encourages scheduling as a daily cron which would create persistent, automated scraping runs — that increases blast radius but is a user decision rather than an explicit skill privilege. Still, the combination of suggested automation + insecure secret handling is risky and merits caution.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install hinge-liker
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /hinge-liker 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release: Gemini vision AI profile analysis, smart likes with witty comments, full session reports, video recording support
元数据
Slug hinge-liker
版本 1.0.0
许可证
累计安装 0
当前安装数 0
历史版本数 1
常见问题

Hinge Auto-Liker 是什么?

Automated Hinge dating profile liker using Android emulator + Gemini vision AI. Scrolls through full profiles, analyzes attractiveness with AI, likes the bes... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 542 次。

如何安装 Hinge Auto-Liker?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install hinge-liker」即可一键安装,无需额外配置。

Hinge Auto-Liker 是免费的吗?

是的,Hinge Auto-Liker 完全免费(开源免费),可自由下载、安装和使用。

Hinge Auto-Liker 支持哪些平台?

Hinge Auto-Liker 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Hinge Auto-Liker?

由 MattttMan(@mattttman)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论