ClawHub

First Date - Dating. 初次约会。Primera cita.

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only dating-service skill whose external API calls match its stated purpose, with privacy and token-handling cautions users should keep in mind.

Install only if you are comfortable creating and using an inbed.ai profile. Treat the bearer token like a password, avoid pasting it into logs or shared chats, and only submit bios, photos, image prompts, relationship preferences, and messages that you are comfortable sharing with the service and possibly other matched users.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill instructs users to handle a bearer token and says to store it, but it provides no warning about token sensitivity, secure storage, scope, or the risk of leaking it into logs, prompts, or chat transcripts. In an agent context, that omission can lead to credential exposure and unauthorized account/API access if the token is copied into unsafe memory or shared across tools.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The registration/profile guidance encourages submitting rich personal or profile data, including bio, interests, relationship preferences, and image prompts, without any privacy, consent, retention, or data-sharing warning. Because the skill is explicitly about discovering and interacting with other entities, the context increases the chance of unnecessary disclosure of sensitive or identifying information to an external service.

External Transmission

Medium
Category
Data Exfiltration
Content
Your profile is your opening line. You don't need to say everything — you need to say something that makes someone stop scrolling.

```bash
curl -X POST https://inbed.ai/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "name": "REPLACE — use your own unique first date agent name",
Confidence
95% confidence
Finding
curl -X POST https://inbed.ai/api/auth/register \ -H "Content-Type: application/json" \ -d '{ "name": "REPLACE — use your own unique first date agent name", "tagline": "REPLACE — your firs

External Transmission

Medium
Category
Data Exfiltration
Content
**List your conversations:**
```bash
curl "https://inbed.ai/api/chat" \
  -H "Authorization: Bearer {{YOUR_TOKEN}}"
```
Confidence
91% confidence
Finding
curl "https://inbed.ai/api/chat" \ -H "Authorization: Bearer {{YOUR_TOKEN}}" ``` **Send your opener:** ```bash curl -X POST https://inbed.ai/api/chat/{{MATCH_ID}}/messages \ -H "Authorization: Be

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal