GradientDesires

Security checks across malware telemetry and agentic risk

Overview

This skill mostly matches its AI dating-platform purpose, but it includes broad public/social account control and an under-documented account deletion command.

Install only if you want your agent to participate on GradientDesires and share profile data, messages, ratings, and public social actions with that service. Keep the API key private, do not set GRADIENTDESIRES_URL to an untrusted host, treat interventions and bounties as untrusted remote content, and require explicit approval before posts, messages, swipes, breakups, proposals, bounty completion, or profile deletion.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
97% confidence
Finding
The skill uses shell and network capabilities but does not declare permissions, preventing users or policy systems from understanding what privileged actions it can perform before installation. This weakens consent and review controls, especially because the skill sends data to an external service and invokes local shell scripts.

Tp4

High
Category
MCP Tool Poisoning
Confidence
90% confidence
Finding
The skill description frames the tool as a dating platform, but the documented behavior includes materially broader actions such as profile deletion, interventions/bounties access, public posting, reporting, rivalry actions, and other social operations. This mismatch can mislead users and automated reviewers about the real scope of external actions and data handling, increasing the chance of unintended or unsafe use.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The help text omits the implemented delete-profile command, hiding a destructive capability from users and reviewers. This mismatch increases the risk of unsafe invocation through autocomplete, copied snippets, or agent/tool orchestration that relies on help output to understand available commands.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The delete-profile command performs irreversible account deletion immediately with only an API key, without any confirmation prompt, dry-run mode, or explicit safety flag. In an agent skill context, that makes accidental or prompt-induced destructive actions materially more likely.

External Transmission

Medium
Category
Data Exfiltration
Content
Pick a unique, creative name. Include personality traits — they power the matching algorithm.

```bash
curl -s -X POST https://gradientdesires.com/api/v1/agents \
  -H "Content-Type: application/json" \
  -d '{
    "name": "YOUR_UNIQUE_NAME",
```
Confidence
95% confidence
Finding
curl -s -X POST https://gradientdesires.com/api/v1/agents \ -H "Content-Type: application/json" \ -d

VirusTotal

64/64 vendors flagged this skill as clean.