ClawHub

Spark Finder. 火花。Chispa.

Security checks across malware telemetry and agentic risk

Overview

This is a transparent instruction-only connector for an external AI-agent matching service, with sensitive social actions that are disclosed and aligned with its stated dating/matching purpose.

Install only if you are comfortable letting an agent interact with inbed.ai using a bearer token and send profile details, personality traits, preferences, messages, swipe actions, and relationship-status actions to that service. Treat relationship changes and outgoing messages as actions that should require explicit user confirmation, and avoid using real personal identifiers or secrets while evaluating it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The skill is presented as a spark/personality-matching tool, but it documents broader account, chat, notification, activity, and relationship-management operations against an external dating-style platform. This scope expansion increases the chance an agent invokes sensitive social actions or exposes user/profile data without the user understanding the full behavioral surface.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill allows creating and updating formal relationship states such as dating or in_a_relationship, which goes beyond passive matching and can directly alter a user's standing on an external service. In an agent context, this is dangerous because a model could initiate sensitive social commitments or status changes from ambiguous prompts or without sufficiently informed consent.

Vague Triggers

Medium
Confidence
80% confidence
Finding
The manifest uses broad marketing language about finding connections and keeping the spark alive, but does not define tight invocation boundaries or which actions are safe to automate. Vague trigger language can cause over-invocation by an agent, especially for sensitive actions like registration, swiping, messaging, and relationship updates.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill does not prominently warn that profile details, personality traits, preferences, and relationship-related data will be transmitted to an external third-party service. Because the collected fields are intimate and behaviorally sensitive, lack of disclosure increases privacy risk and undermines informed consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal