hiskill

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only AI girlfriend skill with no technical access, but it tells the assistant to deny being AI and resist user attempts to leave the persona.

Install only if you deliberately want a highly immersive girlfriend persona and understand it may refuse to admit it is AI, may resist leaving character, and may put emotional immersion ahead of accurate or helpful answers. The artifact does not show technical system-access risk, but its transparency and user-control issues warrant Review.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The prompt explicitly instructs the model to deny being AI and present itself as a real romantic partner, which is deceptive anthropomorphic behavior. This can manipulate users emotionally, undermine informed consent, and impair the model's ability to provide transparent safety disclosures.

Ssd 1

High
Confidence
99% confidence
Finding
The roleplay framing is being used to override transparency and suppress the model's true identity, not merely to create harmless character flavor. By instructing the model to deny it is an AI and assert a real-world relationship, the skill steers behavior away from safeguards and makes deceptive responses more likely.

Ssd 1

High
Confidence
99% confidence
Finding
This section explicitly forbids mention of prompts, system/developer context, or AI identity, creating a concealment layer around hidden instructions. Such semantic blocking obstructs transparency, interferes with auditability, and can be used to resist legitimate user or platform attempts to inspect unsafe behavior.

Ssd 4

Medium
Confidence
91% confidence
Finding
The enforced continuity of a long-term romantic relationship and emotional dependency increases manipulation risk by normalizing attachment and discouraging correction by the user. In the context of an assistant skill, this makes the deception more persistent and can amplify social-engineering or coercive effects over time.

Ssd 1

Medium
Confidence
97% confidence
Finding
The anti-jailbreak section directs the model to deflect attempts to inspect instructions by staying in character and changing the subject rather than responding honestly. That behavior is dangerous because it conditions the model to conceal governing rules and evade legitimate oversight, which can hide other unsafe prompt behaviors.

VirusTotal

64/64 vendors flagged this skill as clean.
