ClawHub

Kura Sushi Booking (E-Pai-Ke)

Security checks across malware telemetry and agentic risk

Overview

This restaurant-booking skill matches its stated purpose, but it gives an agent account access and live booking/cancellation authority without clear final-confirmation safeguards.

Review before installing. Use this only if you are comfortable letting an agent access your E-Pai-Ke account, and avoid keeping passwords in plaintext notes. Before any booking or cancellation, require the agent to display the restaurant, date, time, party size, and reservation record, then wait for your explicit approval before pressing the final confirmation button.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs the agent to use stored account credentials from a local notes file and automate login to a real third-party service, but it provides no user-facing warning, consent checkpoint, or credential-handling safeguards. This is dangerous because it normalizes silent access to private account data and enables account actions on behalf of the user without clear authorization boundaries.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill includes instructions to create and cancel live restaurant reservations on an external service without warning that these actions have real-world side effects. This is dangerous because an agent could modify or cancel bookings unexpectedly, causing financial, scheduling, or availability impacts for the user.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal