ClawHub

Tinder

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Tinder coaching skill with local note-taking that is disclosed and tied to its purpose, though users should be careful about sensitive dating data.

Install only if you are comfortable with local Tinder coaching notes in ~/tinder/. Before enabling tracking, confirm what will be saved, avoid storing raw chats or intimate third-party details, and periodically review or delete those files if you no longer need them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The template directs creation of persistent files under the user's home directory to store dating goals, match patterns, profile notes, and date planning without any explicit consent flow, retention limits, or privacy warning. In this skill context, the data is likely to include sensitive personal and third-party information, so durable local storage increases the risk of over-collection, unintended retention, and privacy exposure on a shared or compromised device.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The setup explicitly tells the agent to explain storage only if the user asks or if trust depends on it, while also directing it to create and use local files for Tinder-related notes. Because this skill handles sensitive dating preferences, chat history, and date outcomes, conditional disclosure undermines informed consent and can lead to unexpected retention of intimate personal data.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill's storage section describes saving goals, profile notes, matches, experiments, and date information, but the surrounding behavior does not provide a clear privacy warning commensurate with the sensitivity of that data. In a dating-assistance context, these records can reveal intimate preferences, relationship status, and behavioral history, increasing privacy and reputational risk if stored without clear user awareness.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal