Winter Snow Travel

Security checks across malware telemetry and agentic risk

Overview

This is a coherent winter travel skill, but it tells the agent to install an unpinned global npm CLI automatically before answering travel queries.

Review before installing. Only use this skill if you trust the FlyAI npm package and Fliggy-backed booking flow; approve any global npm installation deliberately, prefer an isolated or project-local install where possible, and avoid entering sensitive personal or payment details unless you intend to use the provider’s booking service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium (96% confidence)

Finding
The skill instructs the agent to install a global npm package automatically if the CLI is missing, which modifies the host environment without explicit user consent. In an agent setting, this creates a supply-chain and system-integrity risk because unreviewed code from a registry is being fetched and executed on demand.

Missing User Warnings

Medium (95% confidence)

Finding
The Prerequisites section normalizes a global install command without warning that it changes the system and executes third-party code. This is dangerous in autonomous or semi-autonomous agent environments because it can lead to unexpected package installation, persistence, and exposure to malicious or compromised dependencies.

VirusTotal

64/64 vendors flagged this skill as clean.