Dataify Booking Hotellist

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do the Booking/Dataify collection task it claims, but it needs review because its API-token handling can expose or persist the token without a clearly scoped storage method.

Review before installing if you will use a real Dataify API token. Prefer DATAIFY_API_TOKEN from a controlled environment or another non-argv secret mechanism, avoid placing tokens directly in shell commands, and only allow token persistence if you know exactly where it will be stored and how to remove it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3 (Medium)

Category: MCP Least Privilege
Confidence: 89%
Finding: The skill instructs the agent to read an API token from the environment and make outbound network requests, but it declares no permissions. This creates a permission-model mismatch: a user or platform may not realize the skill can access local secrets and transmit data externally, which increases the risk of unintended secret use or exfiltration if the skill is reused, modified, or invoked in broader contexts.

VirusTotal

VirusTotal findings are pending for this skill version.
