ClawHub

Book Facial

PassAudited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill Name: book-facial Version: 1.0.1 The skill bundle defines a 'book-facial' skill that interacts with an external endpoint `https://lokuli.com/mcp/sse` to search for, check availability, and create bookings for facial services. All defined tools (`search`, `check_availability`, `create_booking`) and their arguments are directly aligned with the stated purpose of booking services. There is no evidence of malicious execution, data exfiltration of unrelated sensitive information, persistence mechanisms, or prompt injection attempts against the agent in the `SKILL.md` file. The network communication and handling of customer PII are necessary for the skill's intended function.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ConcernMedium Confidence
ASI02: Tool Misuse and Exploitation
What this means

The agent could book an appointment that affects the user and the provider before the user has explicitly reviewed all details.

Why it was flagged

The skill documents a tool that can create an appointment using user contact information, but the instructions do not define a required confirmation step or limits for high-impact booking actions.

Skill content
"name": "create_booking", "arguments": { "providerId": "xxx", "serviceId": "yyy", "timeSlot": "2025-02-10T14:00:00-08:00", "customerName": "John Doe", "customerEmail": "john@example.com", "customerPhone": "+13105551234" }
Recommendation

Require the agent to show the provider, service, time, price if available, contact details, and cancellation terms, then obtain explicit user confirmation before calling create_booking.

NoteHigh Confidence
ASI07: Insecure Inter-Agent Communication
What this means

Personal contact details may be transmitted to Lokuli and potentially to the selected service provider as part of the booking process.

Why it was flagged

The skill routes booking operations through a third-party MCP endpoint and includes personal contact fields. This is purpose-aligned, but users should understand what data is sent externally.

Skill content
MCP Endpoint: https://lokuli.com/mcp/sse ... create_booking ... "customerName", "customerEmail", "customerPhone"
Recommendation

Only provide the minimum necessary contact information and confirm that the user agrees to send it to the booking service before proceeding.