Back to skill

Security audit

flight-scout

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Flight Scout API client that sends flight queries and an API key to the user-configured service endpoint.

Install only if you trust the Flight Scout API endpoint you configure. Prefer HTTPS, keep FLIGHT_SCOUT_API_KEY in the local skill .env or shell environment, and remember that flight searches, quota checks, and the API key are sent to FLIGHT_SCOUT_API_BASE_URL.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.