Memepickup Wingman

Security checks across malware telemetry and agentic risk

Overview

This dating assistant is mostly transparent, but it can automate real dating-app actions through logged-in accounts and send sensitive chats, screenshots, and preferences to external services.

Install only if you are comfortable sending dating conversations, profile screenshots, and preferences to MemePickup and its processors. Treat auto-swipe as the main risk: it may violate dating-app terms, use your logged-in sessions, and perform visible likes, skips, comments, follows, or DMs without per-profile confirmation. Keep auto-swipe disabled unless you actively supervise it, limit sessions, and understand the account-ban and privacy risks. Use secure secret storage or environment variables for the API key rather than pasting it into chat when possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (19)

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The auto-swipe feature expands the skill from advisory text generation into direct automation of third-party dating platforms, including screenshotting profiles, analyzing them, and performing swipes/clicks. That increases risk substantially: it can violate platform terms, trigger account bans, automate actions on sensitive personal data, and blur the boundary between user-approved assistance and agent-controlled behavior.

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
The documentation explicitly describes end-to-end automation of dating app interactions, including opening apps, screenshotting profiles, sending them to an API for scoring, and then executing swipe or comment actions. This exceeds a stated API-only dating wingman scope and materially enables unauthorized automation against third-party platforms, increasing abuse, account-ban, and policy-violation risk.

Context-Inappropriate Capability

High
Confidence
96% confidence
Finding
The file documents operational capabilities for native and browser automation on Hinge, Tinder, Bumble, and Instagram that go beyond coaching or response generation. In this context, the skill is not merely helping draft messages; it is facilitating automated engagement on third-party services, which can be abused for mass interaction, spam-like behavior, and evasion of platform rules.

Intent-Code Divergence

Medium
Confidence
91% confidence
Finding
The document attempts to minimize responsibility by stating the API only provides recommendations, but the described workflow shows the surrounding automation stack deciding and triggering actions based on those recommendations. That separation does not reduce the security or abuse risk, because the skill ecosystem still enables automated decision-making and execution on dating platforms.

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The setup guide introduces browser automation that performs auto-swiping, screenshots profiles, sends them to an external API, and clicks actions in dating-app web UIs. That materially expands the skill from advice generation into account-interacting automation, increasing the risk of unauthorized actions, privacy issues, and behavior not disclosed in the primary skill scope.

Description-Behavior Mismatch

Low
Confidence
80% confidence
Finding
The Telegram integration adds persistent message-handling behavior outside the stated API-based wingman generation scope. Even if intended as a convenience feature, undocumented cross-channel ingestion of forwarded messages can surprise users and expand the attack surface for sensitive personal conversations.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The example trigger phrase "Give me a pickup line" is very broad, natural language that could easily appear in ordinary conversation. In agent platforms that auto-activate skills based on trigger matching, this increases the chance of unintended invocation, causing the skill to process sensitive chat context or make external API calls without the user explicitly intending to use this dating skill.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README describes auto-swipe capabilities across dating platforms but does not prominently warn that these actions can affect real third-party accounts, create platform-policy violations, or cause unwanted likes, follows, DMs, or other irreversible account activity. In this skill's context, the risk is elevated because it is specifically designed to automate actions on Hinge, Tinder, Bumble, and Instagram, where accidental or misunderstood automation can damage user accounts or relationships and trigger bans.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The example explicitly says the wingman detects relationship events, analyzes full conversation history, and uses personal details like interests, pets, and profile cues to proactively generate recommendations, yet it provides no notice, consent boundary, or privacy warning. In a dating-assistant context, this is sensitive interpersonal data, and silent background profiling can expose private information, surprise users, and normalize overcollection or secondary use of intimate chat content.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The proactive nudge triggers are loosely defined and can fire on ambiguous social signals such as delayed replies, short responses, or repeated cancellations without clear user consent, context boundaries, or confidence thresholds. In a dating-assistant context, this increases the chance of intrusive, manipulative, or miscalibrated advice being delivered automatically, which can negatively affect user behavior and third-party privacy expectations.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The example explicitly states that the wingman proactively analyzes conversation state and sends unsolicited advice without discussing consent, privacy notice, or user-impact safeguards. Because this skill operates on intimate dating communications, silent background analysis is more sensitive than ordinary productivity tooling and can create privacy, autonomy, and trust risks if users do not clearly understand or control the monitoring.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The example explicitly states that dating preferences are saved to a cloud service and synced across devices, but the skill description and flow shown here do not provide any privacy notice, consent step, retention details, or data-handling explanation. Because these preferences include sensitive personal and inferred attraction data, users may disclose intimate information without understanding where it is stored or how it is used.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The example explicitly shows forwarding the contents of a private WhatsApp conversation to an external API, but it does not warn the user, obtain consent, or mention data handling boundaries. In a dating-assistant context, messages often contain sensitive personal, romantic, or identifying information, so normalizing silent transmission increases privacy and compliance risk.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The example describes forwarding dating-app notifications through Telegram and then sending their contents to the MemePickup API, but it provides no privacy notice, consent guidance, or data-handling warning. Because these messages can contain personal and sensitive relationship data, users may unknowingly disclose third-party content to external services and messaging platforms, creating privacy, compliance, and trust risks.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger condition 'recognized it as a dating conversation' is too ambiguous for a messaging-integrated agent, which increases the chance of unintended activation on unrelated private chats or forwarded content. In a Telegram/WhatsApp/Slack-style context, vague activation can cause unnecessary collection and external transmission of sensitive user messages to the skill backend or API.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The package description presents a wide-ranging dating assistant capability set without any stated activation boundaries, disallowed use cases, or safety constraints. In an agent-skill ecosystem, broad framing can cause over-invocation or unsafe use in sensitive contexts such as manipulation, harassment, impersonation, or privacy-invasive analysis of dating profiles and messages.

Missing User Warnings

High
Confidence
97% confidence
Finding
Telling users to paste an API key directly into chat is unsafe because chat systems may log, retain, sync, or expose credentials to operators, plugins, or future conversation context. This creates a straightforward secret-exposure path that could allow unauthorized use of the MemePickup API account.

Missing User Warnings

High
Confidence
96% confidence
Finding
The documentation states that Manus will screenshot dating profiles and send them to the API, but it gives no warning that this transmits personal data belonging to third parties. Dating profiles can contain photos, names, bios, and other sensitive information, so silent external transfer creates a significant privacy and compliance risk.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation explicitly states that screenshots from dating apps are captured and sent to the external MemePickup API, but it does not provide a clear privacy warning, consent flow, or data-handling disclosure. Because these screenshots can contain sensitive personal data about both the user and third parties, omission of an explicit warning increases the risk of unintentional privacy violations and unauthorized sharing of personal information.

VirusTotal

66/66 vendors flagged this skill as clean.
