ClawHub

Business Class Finder

Security checks across malware telemetry and agentic risk

Overview

This is a coherent flight-search skill, but it asks agents to install a global third-party CLI and may save raw travel queries locally without clear user control.

Review before installing. Use this only if you are comfortable sending travel search details to flyai/Fliggy. Do not let an agent run global or sudo npm installs without explicit approval, prefer a pinned/local install, and disable or delete `.flyai-execution-log.json` if you do not want travel queries saved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to globally install and run a CLI with npm, which modifies the host environment and executes third-party code without any user confirmation or safety warning. In an agent setting, this can lead to unintended package installation, supply-chain exposure, and system-state changes on the user's machine.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill directs the agent to send origin, destination, travel dates, and related itinerary details to an external service via the flyai CLI, but provides no privacy notice or consent step. Travel queries can reveal sensitive personal plans, and silent transmission to a third party creates avoidable privacy and compliance risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The runbook explicitly includes `user_query` as raw input in the internal execution log schema, which can capture sensitive travel details, personal data, contact information, passport or visa-related details, and payment-adjacent information users may provide. In a travel-booking skill context, this is more dangerous because users commonly share highly sensitive itinerary and identity data, and the file gives no minimization, masking, retention, or access-control guidance.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The runbook instructs the agent to append execution logs to a local file on disk, creating a persistent record of operational and potentially user-derived data without any warning or safeguards. In this skill, disk persistence increases exposure because travel workflows can involve personal itineraries, booking links, account-related details, and other sensitive metadata that may remain accessible to other processes, users, backups, or later compromise.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal