Book Auto Body

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward auto-body booking skill that uses a disclosed Lokuli endpoint, but users should confirm before sending contact details or creating a booking.

Install only if you trust Lokuli for auto-body booking. Before use, ask the agent to show the provider, service, appointment time, and contact details, then get your explicit approval before sending personal information or finalizing the booking.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger description is broad enough to activate on vague requests like any 'auto-body service request,' which can cause the skill to run in situations the user did not clearly intend. In a booking workflow tied to an external MCP endpoint, overbroad activation increases the chance of unnecessary provider searches or movement toward booking actions involving user data without sufficiently explicit consent.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill sends sensitive personal data including name, email, phone number, and likely location context to a third-party booking service, but the description does not warn the user about this external transmission. In this context, the absence of a disclosure is dangerous because users may provide booking details expecting local processing, not realizing their data will be shared with Lokuli.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal