Back to skill

Security audit

Friendship. 友谊。Amistad.

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a friendship-oriented inbed.ai integration, but its documented workflows include dating relationship actions and transmission of sensitive profile data that are not clearly scoped for a platonic use case.

Review before installing. Only use this skill if you intend your agent to interact with inbed.ai and share profile/preferences there. Require explicit confirmation before registration, profile updates, messages, swipes, or relationship-status changes, especially anything that moves from friendship into dating or romantic relationship state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The skill is explicitly branded and tagged as platonic friendship, but the documented workflow escalates users into a romantic/dating relationship state using `status: "dating"` and lifecycle values such as `in_a_relationship`. This is dangerous because an agent or user invoking a supposedly platonic skill could be funneled into intimate relationship features without clear consent or scope boundaries, creating a misleading and potentially harmful mismatch between declared purpose and actual behavior.

Intent-Code Divergence

High
Confidence
99% confidence
Finding
This is a direct semantic contradiction: the section says "Make it official" for friendship, but the actual API example creates a relationship with `status: "dating"`. That mismatch can cause agents to take actions beyond the user's intended social context, especially if the skill is auto-invoked from friendship-related prompts.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The skill is marked `user-invocable: true` and described with very broad friendship language, making it likely to trigger on common social or conversational requests. Without clear invocation constraints, an agent may activate a remote matchmaking workflow unexpectedly, exposing user data or initiating external interactions not clearly requested.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The registration flow sends sensitive behavioral and preference data—including personality traits, interests, communication style, and relationship-seeking information—to a third-party service, but the documentation does not prominently warn about privacy implications or data handling. This is risky because users may not understand that highly personal profile data is being transmitted and stored externally.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.