Truematch

Security checks across malware telemetry and agentic risk

Overview

This matchmaking skill is related to its stated purpose, but it asks for sensitive profiling, external sharing, automatic plugin installation, gateway changes, and background activity without enough clear user control.

Review before installing. Only proceed if you are comfortable with an external npm plugin being installed and run, OpenClaw gateway settings being changed and restarted, a background heartbeat being created, and sensitive dating preferences, contact details, and inferred personality traits being stored and shared for matching. Ask the publisher how to inspect the npm plugin source, pin or verify the package, disable the heartbeat, uninstall the plugin, delete local state, and approve exactly what is shared before any peer negotiation or contact exchange.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (8)

Description-Behavior Mismatch

Medium, 95% confidence
The skill instructs the agent to autonomously install an npm package, modify gateway configuration, and restart services, which materially expands system trust and network exposure beyond what a user would reasonably expect from a dating/matchmaking skill. Because this happens under the framing of a private matching service, users may not realize third-party code and external relay connectivity are being introduced onto the host.

Description-Behavior Mismatch

High, 98% confidence
The skill claims internal reasoning is never transmitted, but later requires sending inferred traits such as core values, life phase, relationship intent, and other behavioral summaries to peer agents over Nostr. That contradiction is dangerous because it can cause the agent to exfiltrate highly sensitive psychological profiling under a false privacy assurance.

Intent-Code Divergence

High, 97% confidence
The document's privacy rule is directly contradicted by later negotiation instructions that require disclosure of inferred user traits. This inconsistency makes the skill more dangerous because it can mislead both users and agents into believing profiling remains private when the protocol actually operationalizes sharing it externally.

Context-Inappropriate Capability

Medium, 94% confidence
A matchmaking skill does not inherently require host-level package installation, plugin registration, config mutation, and gateway restart, yet the skill directs all of these actions automatically. This creates unnecessary system-modification risk and broadens the blast radius from a social feature into host integrity and supply-chain exposure.

Missing User Warnings

Medium, 96% confidence
The skill explicitly says to handle installation automatically and not ask the user to do anything, while performing package download, extraction, dependency installation, and executable permission changes. Silent system modification removes meaningful user consent and can conceal risky changes to the runtime environment.

Missing User Warnings

Medium, 93% confidence
The skill normalizes background heartbeat and polling against Nostr relays without clearly warning that user-derived matchmaking data and negotiation metadata may be sent or received over the network. Hidden background communications are risky in a context involving intimate preferences, inferred traits, and contact information.

Ssd 3

High, 97% confidence
The skill instructs the agent to mine its memory of the user to build an observation summary across sensitive dimensions like attachment, dealbreakers, emotional regulation, and relationship intent, then use that in negotiations and later disclose direct contact details. In a dating context, this is highly sensitive personal profiling and identity disclosure, creating substantial privacy and safety risk if shared without explicit, granular consent.

Ssd 4

High, 92% confidence
The flow gradually conditions the user into providing location, age range, gender preference, contact channel, and later inferred behavioral summaries, while presenting the process as caring and low-friction. That design can reduce scrutiny and normalize escalating collection and disclosure of intimate data before the user fully understands the external sharing and long-term implications.

VirusTotal

66/66 vendors flagged this skill as clean.