Back to skill

Security audit

Flight Tracker

Security checks across malware telemetry and agentic risk

Overview

The skill performs the advertised flight-tracking task, but users should understand that its free AviationStack setup sends the API key and flight lookup over plain HTTP.

Install only if you are comfortable sharing the requested flight number and your AviationStack API key with AviationStack, and with the free-tier API using plain HTTP. Use a dedicated low-value API key, rotate it if exposed, avoid sensitive travel lookups on untrusted networks, and prefer an HTTPS-capable plan or a different provider for production or private use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Tainted flow: 'params' from os.environ.get (line 36, credential/environment) → requests.get (network output)

Critical
Category
Data Flow
Content
}
    
    try:
        response = requests.get(base_url, params=params, timeout=10)
        response.raise_for_status()
        return response.json()
    except requests.exceptions.RequestException as e:
Confidence
98% confidence
Finding
response = requests.get(base_url, params=params, timeout=10)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documentation indicates use of environment variables and outbound network access, but no declared permissions are present. This creates a transparency and governance gap: users and hosting systems may not be clearly informed that the skill reads secrets from the environment and sends flight queries to an external service.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill description says it tracks flights using AviationStack API, but it does not clearly warn that user-provided flight queries are transmitted to a third-party service. This is a privacy and consent issue because seemingly simple travel queries may reveal itinerary or behavioral information to an external provider without explicit user awareness.

Missing User Warnings

High
Confidence
97% confidence
Finding
The notes state that the free AviationStack tier uses no HTTPS, meaning requests may be sent over plaintext HTTP. This exposes flight queries and the API key to interception or modification by network attackers, which is especially dangerous because the API credential is transmitted on each request and could be stolen or abused.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The setup instructions tell users to append a long-lived API key directly into shell profile files such as ~/.zshrc, which can unintentionally broaden credential exposure through backups, dotfile syncing, shared accounts, screen sharing, or accidental publication of shell configs. While environment variables are common, recommending permanent persistence without any warning or safer alternatives is a real secret-handling weakness.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
The code sends the AviationStack API key over plain HTTP without any warning or safeguard. Because the key is included in request parameters, anyone able to observe network traffic or intermediary logs can recover the credential and reuse it.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.