Security audit

Ticket Price Compare

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed travel ticket search skill that makes purpose-aligned external price queries and generates booking links, with no evidence of hidden persistence, purchases, or local data harvesting.

Install this if you want an agent to compare ticket prices across travel providers. Treat route, date, and city searches as information that may be shared with 12306, Ctrip, Firecrawl, Tequila, or Amadeus depending on configuration, and only add optional API keys you are comfortable using for those services.

SkillSpector (by NVIDIA)

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Missing User Warnings

Medium, 92% confidence

Finding
The README promotes sending user travel searches to multiple third-party services such as Firecrawl, Ctrip, 12306, Tequila, and Amadeus, but it does not clearly warn users that their itinerary data will be transmitted externally. Travel queries can reveal sensitive personal information such as planned movements, dates, and destinations, so omitting an explicit privacy/data-sharing notice is a real security and privacy weakness in an AI skill context.

Vague Triggers

Medium, 89% confidence

Finding
The auto-trigger examples are broad enough that the skill could activate on ordinary travel-related conversation without a clear boundary that external lookups will occur. In an agent environment, this increases the risk of unintended data transmission, surprise network access, and actions performed without sufficiently informed user intent.

Vague Triggers

Medium, 86% confidence

Finding
The trigger description is very broad and covers generic ticket-price, deal-finding, and platform-comparison scenarios, which can cause the skill to activate for routine travel-shopping queries without sufficiently narrow scoping. In this context, unintended invocation matters because the skill may then initiate external searches and transmit user itinerary details to multiple third-party services, increasing privacy exposure and the chance of actions the user did not specifically request.

Missing User Warnings

Medium, 93% confidence

Finding
The skill describes sending route and date queries to several external domains but does not clearly warn users, before use, that their travel search parameters may be disclosed to multiple third-party services. Because travel routes and dates can reveal sensitive plans and patterns, the lack of transparent notice and consent increases privacy risk, especially when optional scraping/rendering providers like Firecrawl are involved.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.