Book Blowout

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says, but it can send personal contact details to an external booking service and create a real appointment without clear consent steps.

Install only if you trust Lokuli as the booking service. Before using it, require the agent to ask for explicit approval before sending your name, email, phone number, location or ZIP code, selected provider, service, appointment time, and final booking terms.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger text is broad enough that the skill could be invoked for general 'blowout' queries without clearly constraining intent to salon-service booking. That can cause unintended tool use and unnecessary interaction with an external booking/search service, especially when the user is only asking informational or ambiguous questions.

Missing User Warnings

High

Confidence: 96% confidence
Finding: The skill supports transmitting customer name, email, and phone number to an external MCP endpoint, but the description does not warn users that their personal data will leave the local agent context. This creates a meaningful privacy and consent risk because users may provide sensitive contact information without understanding it will be sent to a third-party service.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal