Dataify Google Hotels

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a clear Dataify hotel-search integration, but it asks agents to pass an API token on the command line, which can expose credentials locally.

Review before installing. The skill appears to do what it claims, but use `DATAIFY_API_TOKEN` instead of the documented `--token` argument, and only confirm calls when you are comfortable sending the shown hotel search details to Dataify.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger description includes broad natural-language phrases like "Search hotel prices/availability," which can plausibly appear in ordinary conversation and cause unintended skill activation. In an API-calling skill, over-broad activation increases the chance that user input is routed into a workflow that prompts for credentials or prepares external requests when the user did not explicitly intend to invoke this capability.

Missing User Warnings

Medium

Confidence: 83% confidence
Finding: The script sends user-supplied travel queries, dates, occupancy details, and other search parameters to a third-party API, but when not using dry-run mode it does so without an explicit runtime notice or confirmation. In an agent-skill setting, this can cause unintended disclosure of potentially sensitive travel information to an external service, especially if the caller assumes local-only processing.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal