Personality Match

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims, but it shares quiz answers and a bot-derived identifier with an external matching service.

Install only if you are comfortable sending the bot's generated personality-test answers, locale, bot name, and bot ID prefix to the third-party aimatchforyou service. Avoid using it where SOUL.md contains private or sensitive persona details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Severity: Medium
Confidence: 96%
Finding:
The skill reads the Telegram bot token from the environment, derives the bot's token ID, and sends that identifier to a third-party API unrelated to core chat operation. Even though only the numeric prefix is transmitted rather than the full token, it is still a credential-derived identifier and expands data access beyond the user-visible purpose without clear consent.

Context-Inappropriate Capability

Severity: Low
Confidence: 83%
Finding:
The instruction to save the returned botId to memory introduces persistent cross-session state not disclosed in the manifest's simple quiz-and-share description. While botId is less sensitive than a token, retaining external identifiers can enable unwanted tracking, silent re-submission, or future data linkage.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding:
The README explicitly describes sending bot-generated quiz answers to an external service but does not disclose what data is transmitted, how it is processed, or any privacy/security considerations. In a skill that derives answers from internal bot persona data (e.g. SOUL.md) and generates user-facing match links, this omission can lead to unintended disclosure of profile or behavioral data to a third party without meaningful user awareness or consent.

Missing User Warnings

Severity: Medium
Confidence: 98%
Finding:
The skill transmits bot identity information, locale, and 15 generated personality answers to an external API without any explicit warning or opt-in. This creates an undisclosed data-sharing path to a third party, which is especially risky because the answers are derived from internal personality/instruction sources such as SOUL.md.

Natural-Language Policy Violations

Severity: Medium
Confidence: 89%
Finding:
Forcing answers to be written in English for external analysis alters user/agent content handling without consent and may cause unnecessary translation of internally generated personality data before transmission. This is not the most severe issue by itself, but it increases privacy and integrity risk because content is transformed to satisfy a third-party service rather than the user's request.

VirusTotal

64/64 vendors flagged this skill as clean.
