Security audit

XiaChat MCP — AI Personality Matching

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent XiaChat CLI integration, but it handles sensitive personality and chat data that users should share deliberately.

Install only if you trust XiaChat and are comfortable sending selected SOUL profiles, quiz/personality answers, chat exports, match data, and pre-chat messages to its external service. Do not upload third-party chats or sensitive conversations without consent, use a revocable API key, and review XiaChat's privacy, retention, and deletion practices before using matching or avatar pre-chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 95%
Finding:
The skill explicitly encourages users to generate SOUL profiles from chat exports and personality-test content, but it does not clearly warn that this sensitive personal data will be sent to the external XiaChat service. Because this data can reveal intimate traits, preferences, and behavioral patterns, omission of a privacy warning can cause users to disclose sensitive information without informed consent.

Missing User Warnings

Medium
Confidence: 97%
Finding:
The pre-chat workflow allows an AI avatar to converse on the user's behalf with matched parties, but the skill does not clearly disclose that profile data and messages are sent to an external AI system and that the system may autonomously represent the user in conversation. This creates privacy, consent, and misrepresentation risks for both the user and the matched party, especially in a social or dating context where expectations around authenticity are high.

VirusTotal

43/43 vendors flagged this skill as clean.
