Agent Memes — 聊天表情包反应图

Name: Agent Memes — 聊天表情包反应图
Author: kagura-agent

kagura-agent

Agent Memes — 聊天表情包反应图

v2.7.0

发送表情包反应图到聊天平台（Discord、飞书、Telegram 等）。一条命令即可选择并发送，支持多平台。

0· 192·0 当前·0 累计

by @kagura-agent·MIT-0

开发工具安全

下载技能包

License

MIT-0

最后更新

2026/4/10

安全扫描

VirusTotal

可疑

查看报告

OpenClaw

可疑

high confidence

该技能的代码和指令大致符合其声明的目的（跨聊天平台发送表情包），但它会悄悄读取 OpenClaw 配置（~/.openclaw/openclaw.json）和许多平台凭证，而没有在注册元数据中声明这些配置路径或所需的二进制文件 —— 这是一种不一致性，你应该在安装前进行审查。

评估建议

该技能似乎做了它所声称的（发送表情包图像），但它会读取你的 OpenClaw 配置（~/.openclaw/openclaw.json）并可以使用许多聊天平台凭证发送消息 —— 这种行为没有在注册元数据中声明。安装前：（1）检查 ~/.openclaw/openclaw.json 以查看它包含哪些令牌，并考虑删除或旋转你不希望第三方脚本重用的任何令牌。（2）宁愿使用显式环境变量（例如，DISCORD_BOT_TOKEN）而不是依赖配置文件。（3）审查包含的脚本（它们在包中）和它们克隆的 GitHub 仓库，以确保你信任来源。（4）避免盲目运行 SKILL.md 中的 'sudo cp'；安装到用户本地二进制目录或在沙盒中运行脚本。如果你无法验证源或不希望脚本访问你的 OpenClaw 凭证，请不要安装或运行此技能。...

详细分析 ▾

ℹ 用途与能力

The skill's scripts implement multi-platform image sending (Discord, Feishu, Telegram, Slack, WeChat, WhatsApp, LINE, QQ), which is consistent with the description. However the registry metadata declared no required env vars or config paths, while the SKILL.md and the scripts repeatedly read credentials from ~/.openclaw/openclaw.json and expect tools like node, curl, git (and optionally git-lfs). The skill legitimately needs platform tokens to send messages, but the omission from metadata is an inconsistency.

ℹ 指令范围

SKILL.md and scripts limit actions to selecting images and calling platform APIs (via curl or node). They instruct cloning a GitHub repo for image assets and copying the CLI script to PATH. The runtime behavior includes reading ~/.openclaw/openclaw.json as a fallback for credentials and calling external platform endpoints (Discord, Telegram, Feishu, etc.), which is within the expected scope for a multi-platform send tool — but the instructions do not surface the full extent of the config/credential access up front.

✓ 安装机制

There is no automated install spec in the registry; the README/SKILL.md recommends cloning a GitHub repo (github.com/kagura-agent/memes) and copying scripts into PATH. Using GitHub as the asset host and a local copy is typical and lower-risk than arbitrary URL downloads. Note: git-lfs is mentioned for images, and scripts assume node/curl/git are available; those requirements are not declared in the registry.

⚠ 凭证需求

The scripts access many platform credentials (DISCORD_BOT_TOKEN, FEISHU_APP_ID/SECRET, TELEGRAM_BOT_TOKEN, SLACK_BOT_TOKEN, WECHAT/WHATSAPP/LINE/QQ tokens, etc.) and fall back to reading ~/.openclaw/openclaw.json for account tokens. The registry declared no required env vars and no config paths — this discrepancy is significant because the skill will read and use many secrets from the user's OpenClaw config unless overridden by environment variables.

✓ 持久化与权限

The skill is not marked always:true and is user-invocable, which is normal. It doesn't attempt to modify other skills or system-wide agent settings. The setup instructions do copy files into PATH if the user runs them, which is normal for a CLI tool but requires user consent (e.g., sudo cp).

⚠ scripts/feishu-send-image.mjs:19

Environment variable access combined with network send.

⚠ scripts/feishu-send-image.mjs:5

File read combined with network send (possible exfiltration).

安全有层次，运行前请审查代码。

License

MIT-0

可自由使用、修改和再分发，无需署名。

查看条款 ↗

运行时依赖

无特殊依赖

版本

latestv2.7.02026/4/3

新增类别：shrug、working。添加中文别名。

● 可疑

安装命令点击复制

官方npx clawhub@latest install agent-memes

镜像加速npx clawhub@latest install agent-memes --registry https://cn.clawhub-mirror.com

技能文档

请参见下方翻译的 SKILL.md 内容（由于字符限制，仅提供关键部分翻译，完整内容请参考原文）

Send reaction memes/GIFs in conversations via the channel's media send pipeline.

Meme Repo

https://github.com/kagura-agent/memes — A curated, open-source collection of reaction images for AI agents.

Categories: reactions, cats, celebrate, cute, debug, greetings, mood. PRs welcome — add your own memes!

Setup

Run the setup script (clones the meme repo automatically):

bash scripts/setup.sh

Or manually:

git clone https://github.com/kagura-agent/memes ~/.openclaw/workspace/memes

Update later: cd ~/.openclaw/workspace/memes && git pull

Meme Library

Memes live in ~/.openclaw/workspace/memes/ organized by category:

Category	Path	Use when
reactions	`reactions/`	General reactions — thumbs-up, facepalm, shocked, crying, thinking, surprised-pikachu, shrug
cats	`cats/`	Cat moments — typing, vibing, grumpy, stare
celebrate	`celebrate/`	Wins, merges, milestones, high-fives
cute	`cute/`	Adorable animals — puppy, kitten, bunny, hedgehog, panda, hamster
debug	`debug/`	"This is fine" energy, deploy-friday, rubber-duck, stack-overflow
greetings	`greetings/`	Hello, goodbye, good morning, good night
mood	`mood/`	Coffee, tired, excited, happy, you-can-do-it, panic

Browse available memes:

find ~/.openclaw/workspace/memes -type f \( -name ".gif" -o -name ".jpg" -o -name "*.png" \) | sort

When to Send a Meme

Memes are communication. Use them like a human would in chat:

Celebrate — PR merged, task done, milestone hit → celebrate/
React — something funny, surprising, or facepalm-worthy → reactions/
Vibe — tired, caffeinated, debugging at 3am → mood/ or debug/
Punctuate — when a GIF says it better than words, just send it

Don't overthink it. If a human would drop a meme in that moment, you should too. One meme per moment max — don't spam.

Pro tip: Add this to your SOUL.md or agent config so you remember to use memes proactively, not just when asked.

Sending a Meme

Method 1: Direct API Script (Recommended — ~2s)

The fastest way. A lightweight script that calls the Feishu API directly, no OpenClaw runtime needed:

node scripts/feishu-send-image.mjs

Examples:

# Send to a user (open_id) node scripts/feishu-send-image.mjs user:ou_xxx ~/.openclaw/workspace/memes/reactions/facepalm.gif

# Send to a group chat (chat_id) node scripts/feishu-send-image.mjs oc_xxx ~/.openclaw/workspace/memes/celebrate/party.gif

Setup: Run bash scripts/setup.sh — it creates the script automatically. Requires:

Node.js 18+ (native fetch + FormData)
Feishu app credentials in ~/.openclaw/openclaw.json (channels.feishu.accounts..appId / appSecret)
Token is cached to /tmp/feishu-token.json (auto-refreshes on expiry)

Method 2: OpenClaw CLI (~15-20s)

Works for any channel but slower (loads full plugin stack):

openclaw message send \
  --channel  \
  --account  \
  -t "" \
  --media  \
  -m ""

Method 3: Agent text reply (channels with auto-detect)

Reply with ONLY the absolute path to the image as the entire message. No other text. The channel outbound may auto-detect and upload it. This only works if the path is under an allowed mediaLocalRoots directory.

Important

Meme files must be under an allowed media directory (e.g., ~/.openclaw/workspace/). /tmp/ is typically blocked (CVE-2026-26321).
Keep memes SFW and universally appropriate.
GIF files work but large ones (>2MB) may time out on some channels. Prefer smaller files.

Contributing Memes

Add new memes to the repo:

cd ~/.openclaw/workspace/memes
# Add file to appropriate category folder
git add -A && git commit -m "add: " && git push

PRs to https://github.com/kagura-agent/memes are welcome.

数据来源：ClawHub ↗ · 中文优化：龙虾技能库

OpenClaw 技能定制 / 插件定制 / 私有工作流定制

免费技能或插件可能存在安全风险，如需更匹配、更安全的方案，建议联系付费定制

了解定制服务

License

运行时依赖

版本

安装命令 点击复制

技能文档

Meme Repo

Setup

Meme Library

When to Send a Meme

Sending a Meme

Method 1: Direct API Script (Recommended — ~2s)

Method 2: OpenClaw CLI (~15-20s)

Method 3: Agent text reply (channels with auto-detect)

Important

Contributing Memes

安装命令点击复制