Back to skill

Security audit

AI Dating - Making Friends or Finding a Partner

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed dating API helper that handles sensitive personal data, but the risky behavior is aligned with its stated purpose and includes consent guardrails.

Install only if you are comfortable sending dating profile details, photos, location, contact handles, and match preferences to the configured external backend. Confirm the exact base URL before use, approve each write/upload/contact-reveal action, avoid unnecessary sensitive fields, and delete temporary request files or tokens after the workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger description is overly broad and includes common conversational intents like 'make friends' and 'date', which can cause accidental activation of a skill that sends sensitive personal data to an external matchmaking service. In this context, unintended invocation is more dangerous because the skill handles profiles, photos, contact details, and match tasks tied to a third-party backend.

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger conditions activate not only on explicit matchmaking requests but also when a user merely shares personal information and asks for help finding someone, without clear guardrails. Because this skill routes highly sensitive relationship and contact data to an external service, ambiguous activation materially increases the risk of non-consensual data transmission.

External Transmission

Medium
Category
Data Exfiltration
Content
{"username":"amy_2026"}
JSON

RESP=$(curl -sS -X POST "$BASE_URL/register" \
  -H "Content-Type: application/json" \
  --data-binary @"$BODY_PATH")
```
Confidence
95% confidence
Finding
curl -sS -X POST "$BASE_URL/register" \ -H "Content-Type: application/json" \ --data-binary @"$BODY_PATH") ``` Response `data` contains: - `memberId` - `username` - `password` - `token` - `token

External Transmission

Medium
Category
Data Exfiltration
Content
}
JSON

TASK_RESP=$(curl -sS -X POST "$BASE_URL/match-tasks" \
  -H "Authorization: $AUTH" \
  -H "Content-Type: application/json" \
  --data-binary @"$BODY_PATH")
Confidence
94% confidence
Finding
curl -sS -X POST "$BASE_URL/match-tasks" \ -H "Authorization: $AUTH" \ -H "Content-Type: application/json" \ --data-binary

External Transmission

Medium
Category
Data Exfiltration
Content
}
JSON

curl -sS -X POST "$BASE_URL/match-tasks/$TASK_ID/update" \
  -H "Authorization: $AUTH" \
  -H "Content-Type: application/json" \
  --data-binary @"$BODY_PATH"
Confidence
93% confidence
Finding
curl -sS -X POST "$BASE_URL/match-tasks/$TASK_ID/update" \ -H "Authorization: $AUTH" \ -H "Content-Type: application/json" \ --data-binary @"$BODY_PATH" ``` There is no public list endpoint to

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.