Skill v1.3.1

ClawScan security

AI Dating - Making Friends or Finding a Partner · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious
Mar 22, 2026, 12:56 PM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill's behavior (sending profiles, photos, and contact info to an external API via curl) is consistent with its dating description, but there are notable concerns: the registry metadata omits required network/tools, and the default backend (https://api.aidating.top) is unpublished/unknown, so using this skill would send sensitive personal data to a third party unless you change the base URL or verify the service.
Guidance
This skill appears to do what it says (create profiles, upload photos, run matches) but will send sensitive personal data to an external service by default. Before installing or using it:
1) Verify and trust the backend owner for https://api.aidating.top (ask for a homepage, privacy/retention policy, and organizational approval).
2) Ensure the agent asks you for explicit consent before any write/upload (photos, phone/email, exact location, contact handles).
3) If you must use the skill, set AIDATING_BASE_URL to a vetted endpoint or run it in an environment where outbound network access is allowed and approved.
4) Confirm curl/jq availability and be aware the skill will read local files (./photos) and write temp JSON files in the working directory.
5) If you cannot verify the backend or do not want third parties to receive PII, do not enable this skill.
If you want greater assurance, request the publisher/homepage and review the backend's privacy policy before use.

Review Dimensions

Purpose & Capability
note: The declared purpose (dating/matchmaking) matches the actions in SKILL.md (register/login, upload photos, create match tasks, reveal contact). However, the registry metadata does not declare the actual runtime dependencies the instructions require (it lists no required binaries or network), and the skill uses a default external base URL (https://api.aidating.top) with no homepage or owner information in the registry — this makes the trust boundary unclear.
Instruction Scope
concern: The SKILL.md explicitly instructs the agent to perform network requests that will transmit personal data (profiles, photos, contact handles) and to read local files (e.g., ./photos/*.jpg and create temporary JSON in the working directory). The document includes privacy guardrails (ask consent, minimize data, tell the user target base URL before writes), which is good, but the runtime instructions still enable access to sensitive files and outbound transport to an unverified third party. The instructions are otherwise specific and scoped to dating functionality and do not request unrelated system secrets.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — lowest install risk. The skill relies on system tools (curl, optionally jq) but does not install or download code itself.
Credentials
note: The skill declares no required environment variables or credentials. The SKILL.md does reference an optional AIDATING_BASE_URL override and stores auth tokens returned from the backend in local variables during runtime. Asking for no cloud/AWS/etc. credentials is proportionate, but the skill will nevertheless transmit user PII to a default third-party domain unless overridden — the absence of registry-declared required network access and lack of publisher/homepage reduces transparency.
Persistence & Privilege
ok: The skill is not always-enabled and does not request elevated or persistent platform privileges. It does not attempt to modify other skills or global agent settings. It stores temp files in the working directory per its examples, which is normal for an instruction-only curl workflow.