Book Flooring

Security checks across malware telemetry and agentic risk

Overview

This skill is for booking flooring services, but it should be reviewed because it can send contact details to an external service and create a real booking without clear confirmation safeguards.

Install only if you are comfortable using Lokuli as the external booking provider. Before allowing the agent to submit anything, require it to show the provider, service, date, time, name, email, and phone number, then proceed only after explicit approval.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger description is broad enough to activate on general flooring-related requests, not just explicit booking intent. In an agent environment, that can cause the skill to engage prematurely and steer users into an external booking flow, increasing the chance of unintended data sharing or unauthorized actions.

Missing User Warnings

High

Confidence: 97% confidence
Finding: The skill instructs use of an external MCP endpoint and includes a booking flow that sends personal contact data such as name, email, and phone number, but it does not warn the user that this information will be transmitted to a third party. This creates a meaningful privacy and consent risk, especially because booking actions may involve sensitive scheduling and location-adjacent service details.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal