Back to skill

Security audit

DatingMatch-CN 脱单恋爱助手

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese-language matchmaking advice skill made of markdown guidance and templates, with no code execution or hidden system access.

Install this if you want Chinese-language matchmaking and dating-content guidance. Treat the advice as generic, review it for cultural fit and possible bias, and avoid sharing real names, exact income, addresses, or unnecessary sensitive personal details in chat.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger description is broad enough to match many ordinary dating or relationship conversations, which can cause the skill to activate when the user did not intend to use a matchmaking assistant. Unintended invocation can lead to irrelevant guidance, privacy overcollection in sensitive relationship contexts, and routing away from a more appropriate general-purpose or safer skill.

Natural-Language Policy Violations

Medium
Confidence
73% confidence
Finding
Documenting the skill entirely in Chinese without a stated locale restriction or language negotiation can cause it to be invoked for users who do not understand the output language. This is primarily a quality and safety-routing issue: users may misunderstand advice in a sensitive domain involving relationships and personal decisions.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.