ClawHub

Glow

Security checks across malware telemetry and agentic risk

Overview

Glow appears coherent for managing a social-introduction account, but it gives an agent sensitive messaging, profile, photo, account-action, and webhook powers without tight enough user-confirmation boundaries.

Install only if you want an agent to help manage a Glow dating, friendship, activity, or networking account. Prefer MCP/OAuth, keep GLOW_API_KEY restricted to agents.talktoglow.com, and require explicit confirmation before profile updates, photo uploads or sharing changes, messages, accepting or declining intros, closing intros, deleting intents, changing privacy settings, enabling heartbeat polling, or registering webhooks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (10)

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
The skill is presented as a matchmaking/account-management integration, but it also exposes arbitrary webhook registration that can push real-time user events to any caller-supplied URL. In a privacy-heavy dating and networking context, this materially expands data egress capability beyond user expectations and can be abused to exfiltrate sensitive relationship, message, or activity metadata to third-party infrastructure.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
Webhook registration is not a natural or necessary capability for a skill whose stated purpose is helping a user find connections and manage a Glow account. That mismatch increases the chance that an agent can create hidden outbound channels for private dating, friendship, or networking activity without the user understanding that external delivery is possible.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The heartbeat instructs periodic authenticated polling of private Glow APIs using a bearer API key, but provides no guidance on secure credential storage, least-privilege handling, logging redaction, user-consent boundaries, or protection of sensitive relationship and messaging data. Because these calls retrieve private introductions and messages across all intros, an agent implementation could over-collect, retain, or expose highly sensitive personal data during routine background checks.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The messages endpoints allow retrieval of conversation contents, which are highly privacy-sensitive in a dating/networking product, but the API description provides no user-facing disclosure that an agent may access and transmit those conversations to the service. In this context, silent access to intimate or professionally sensitive exchanges raises a meaningful risk of overcollection and unexpected disclosure.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
Photo upload and management handle sensitive personal images and include privacy-sharing controls, yet the API text does not clearly warn users that their photos may be uploaded, stored, and potentially shared according to selected settings. In a dating context, mishandling profile photos can expose identity, location cues, or other personal details with significant privacy and safety consequences.

Missing User Warnings

Medium
Confidence
81% confidence
Finding
The natural-language profile update endpoint invites free-text submissions that may include sensitive personal details such as dating preferences, identity attributes, location, or professional background, but it lacks a warning about that sensitivity. Because free text is unstructured, users may overshare and the system may ingest more personal data than necessary for profile management.

Missing User Warnings

High
Confidence
95% confidence
Finding
The webhook registration endpoint lets the caller select events and supply an arbitrary callback URL, but it does not warn that user-related event data will be sent to an external destination. In this skill's context, those events may reveal sensitive matching, messaging, or introduction activity, creating a direct exfiltration path to third-party systems without meaningful user awareness.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger list includes broad phrases like 'dating', 'friends', 'networking', and 'connections' that can easily appear in normal conversation without an explicit intent to invoke this skill. Because this skill handles sensitive social-matching workflows and may transmit personal data to an external API, accidental activation could cause unintended data sharing or context leakage.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The manifest states that the skill provides private introductions and requires a GLOW_API_KEY, indicating reliance on an external service, but it does not present any user-facing warning in the manifest about data leaving the local agent environment. In a social/dating context, users may disclose highly sensitive personal, relational, or professional information, so omission of clear disclosure and consent increases privacy and compliance risk.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger list contains broad phrases like 'partner', 'professional', 'friends', and 'activities' that can appear in many ordinary conversations unrelated to matchmaking. In an auto-invocation environment, this can cause the skill to activate unexpectedly and begin handling sensitive personal or social workflows without clear user intent.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal