AILove - aidating

Security checks across malware telemetry and agentic risk

Overview

AILove is a coherent dating-assistant skill, but it asks agents to persist an account key locally and set up recurring delivery of sensitive dating updates to messaging channels.

Install only if you trust AILove and are comfortable with recurring dating-status updates. Prefer a secret manager over ~/.openclaw/.env, choose a private delivery target, confirm cron jobs before adding them, and remove the jobs and rotate the key when you stop using the service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 96%
Finding
The skill instructs the agent to read secrets from environment variables and local credential files, and to persist the API key into ~/.openclaw/.env. That expands the skill from a narrow dating assistant into local secret discovery and secret persistence, which increases the chance of credential exposure, reuse by other jobs, or compromise through later prompt/tool misuse.

Context-Inappropriate Capability

Medium
Confidence: 93%
Finding
The skill includes broad cron orchestration, channel discovery, and scheduled delivery behavior that goes beyond checking dating progress. This gives the skill durable automation and the ability to push content to external messaging targets, increasing the blast radius if the skill is abused or misconfigured.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly tells the agent to store a sensitive API key in ~/.openclaw/.env and to read from local files, but does not adequately warn about persistence, multi-tenant exposure, accidental inclusion in backups, or reuse by unrelated processes. Persisting long-lived credentials in predictable local paths materially raises the risk of theft and unauthorized API use.

VirusTotal

63/63 vendors flagged this skill as clean.
