AILove - dazi

Security checks across malware telemetry and agentic risk

Overview

This dating assistant is coherent, but it asks to store a sensitive API key locally and create recurring jobs that can send private dating updates to external or group channels.

Install only if you are comfortable giving this skill a revocable AILove Agent Key and receiving dating updates through OpenClaw. Prefer a platform secret store or OS keychain over plaintext files, restrict file permissions if you use ~/.openclaw/.env, and enable cron delivery only to a private destination you control. Avoid group chats or shared channels unless you are willing to expose the dating updates there.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence: 92%
Finding
The skill instructs the agent to persist a sensitive long-lived API key into local files such as ~/.openclaw/.env and ~/.ailove/credentials.json, which expands the secret’s exposure beyond immediate runtime use. For a dating assistant, storing credentials on disk is not strictly necessary for core matchmaking/reporting behavior and increases the risk of leakage via backups, local compromise, accidental file sharing, or other skills/processes reading the same paths.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The skill goes beyond dating assistance and instructs the agent to create scheduled cron jobs, load local environment files, read local skill files, and deliver outputs to external channels. This substantially broadens the agent’s operational scope and attack surface, creating opportunities for unintended data disclosure, persistent automation, and misuse unrelated to the core task of checking matches and relaying answers.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill tells the agent to push dating updates to a 'chosen channel' and later provides examples covering group chats and third-party messaging platforms, but it does not require verification that the recipient is private or controlled by the user. Because the content can include pending questions, chat summaries, recommendations, and matching progress, misdelivery could expose highly sensitive personal relationship information to unintended recipients.

VirusTotal

65/65 vendors flagged this skill as clean.
