Book Language Tutor

Security checks across malware telemetry and agentic risk

Overview

This skill appears intended for legitimate language-tutor booking, but it can send personal contact details and create a real booking without clear consent or final confirmation safeguards.

Install only if you are comfortable using Lokuli for tutor booking. Before allowing create_booking, ask the agent to show the exact provider, service, date and time, contact details to be shared, price if available, and cancellation terms, then confirm explicitly.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The manifest description includes broad trigger language such as 'any language-tutor service request,' which can cause the skill to activate on loosely related user queries. Overbroad invocation increases the chance that user requests are routed to an external booking workflow without sufficiently clear user intent, leading to unnecessary exposure of search context or later collection of booking data.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill documents transmission of personal contact data including name, email, and phone number to an external MCP booking service, but it provides no warning or consent guidance before collecting and sending that information. This creates privacy and compliance risk because users may not understand that their PII will be shared with a third party during booking.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal