Back to skill

Security audit

Flight Tracker

Security checks across malware telemetry and agentic risk

Overview

This flight-tracking skill does what it claims, but its default AviationStack setup sends the API key and flight lookup over unencrypted HTTP.

Install only if you are comfortable sending your AviationStack API key and flight numbers to AviationStack over HTTP on the free tier. Prefer an HTTPS-capable paid plan or another provider for sensitive travel use, use a limited-purpose key, avoid public or untrusted networks, and avoid storing the key permanently in shell profiles on shared or synced machines.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Tainted flow: 'params' from os.environ.get (line 36, credential/environment) → requests.get (network output)

Critical
Category
Data Flow
Content
}
    
    try:
        response = requests.get(base_url, params=params, timeout=10)
        response.raise_for_status()
        return response.json()
    except requests.exceptions.RequestException as e:
Confidence
98% confidence
Finding
response = requests.get(base_url, params=params, timeout=10)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill explicitly instructs users to set an environment variable for an API key and to invoke a script that contacts an external service, which means it uses env and network capabilities without declaring them. Undeclared capabilities reduce transparency and informed consent, making it easier for a user or host system to underestimate what the skill can access and transmit.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill directs users to query AviationStack with flight numbers and an API key, but it does not clearly disclose that user queries and API-key-authenticated requests are transmitted to a third-party service. This omission creates a privacy and consent problem because users may not realize their inputs and associated metadata leave the local environment.

Missing User Warnings

High
Confidence
98% confidence
Finding
The note that the free tier uses no HTTPS indicates requests may be sent over unencrypted transport, exposing flight queries and the API key to interception or modification by network attackers. Because the API key authenticates requests, plaintext transmission can enable credential theft, account abuse, and tampering with returned data.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The document instructs users to append a long-lived API key directly into shell profile files such as ~/.zshrc, which can increase the chance of accidental credential exposure through backups, dotfile syncing, shared accounts, screenshots, or later disclosure of the profile contents. While storing secrets in environment variables is common, recommending permanent persistence without any warning, least-privilege guidance, or safer secret-storage alternatives creates avoidable operational risk.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
The code uses an insecure transport URL and includes the API key as a request parameter, which exposes the credential and flight query to interception on the network path. Query-string credentials are also more likely to appear in logs, proxies, and monitoring systems, increasing accidental disclosure risk.

External Transmission

Medium
Category
Data Exfiltration
Content
def fetch_flight_data(flight_number: str, api_key: str) -> dict:
    """Fetch flight data from AviationStack API"""
    base_url = "http://api.aviationstack.com/v1/flights"
    
    params = {
        'access_key': api_key,
Confidence
97% confidence
Finding
http://api.aviationstack.com/

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.