Find Night Shopping — Night Markets, Evening Bazaars, Late-Night Stalls & Street Vendors

Security checks across malware telemetry and agentic risk

Overview

This travel-search skill is not malicious, but it needs Review because it directs automatic global CLI installation and hidden persistent logging of user travel queries.

Install only if you trust the flyai CLI provider and are comfortable approving a global npm install. Avoid entering passports, payment details, or sensitive itinerary data, and disable or delete .flyai-execution-log.json if you do not want local travel-query logs retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium (96% confidence)
Finding
The skill instructs the agent to run `npm i -g @fly-ai/flyai-cli` automatically, which modifies the host environment without user consent or a trust check. Installing and executing a third-party global package increases supply-chain and system-integrity risk, especially because the skill frames installation as mandatory before serving the user.

Missing User Warnings

Medium (96% confidence)
Finding
The runbook explicitly logs the raw user query and full CLI command history in an internal execution log, but provides no notice, minimization, or redaction requirements. In a travel/booking skill, user queries and commands can contain personal, financial, itinerary, or location data, so retaining them verbatim creates avoidable privacy and data-exposure risk if logs are accessed, mishandled, or reused.

Missing User Warnings

Medium (95% confidence)
Finding
The runbook instructs appending execution logs to a local file without any warning, safeguards, or constraints on what may be written. Persisting request data, commands, and status details to disk increases the chance of long-term exposure through shared environments, backups, local compromise, or accidental inclusion in artifacts.

VirusTotal

66/66 vendors flagged this skill as clean.
