Security audit

Study Tour

Security checks across malware telemetry and agentic risk

Overview

This is a travel-search skill that coherently uses a third-party CLI for live flight results, but users should approve the global CLI install themselves.

Install only if you are comfortable using the flyai/Fliggy travel CLI for live flight searches. Approve the npm install yourself, consider using npx or an isolated environment, and review booking links before entering payment or personal travel details.

SkillSpector

By NVIDIA

Vulnerability Patterns

Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill explicitly instructs the agent to install a global npm package (`npm i -g @fly-ai/flyai-cli`) as part of normal execution, without requiring user consent or warning that it will modify the host environment. This creates supply-chain and system-integrity risk, especially in agent contexts where commands may be executed automatically on developer workstations or CI runners.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal