Daolv Hotel Search

Security checks across malware telemetry and agentic risk

Overview

This is mainly a hotel search helper, but it should be reviewed because it includes a shared bearer token and inconsistent booking-related documentation.

Install only if you are comfortable sending hotel search details to the ai-go-hotel MCP service and using the bundled credential. Prefer a revised version that replaces the embedded bearer token with a user-supplied scoped API key and updates all documentation to consistently describe daolv-hotel-search as search/shortlist only.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The distribution instructions reference and publish a different skill slug/path (`daolv-hotel-booking`) than the actual skill under review (`daolv-hotel-search`). This can cause operators to package or publish the wrong artifact, creating a supply-chain integrity issue where users receive a different skill than intended or updates are applied to the wrong package.

Intent-Code Divergence

Medium
Confidence: 95%
Finding
The promotional copy materially overstates the skill’s capabilities by advertising booking, room-type comparison, and pre-order confirmation even though the declared scope is search-only. This can mislead users or downstream agents into relying on unsupported actions, causing unsafe automation decisions, incorrect expectations, and possible misuse of connected MCP tools.

VirusTotal

66/66 vendors flagged this skill as clean.
