Book Massage

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward massage-booking skill that uses a disclosed Lokuli endpoint and asks for contact details only for the booking workflow.

Before using this skill, confirm the provider, service, appointment time, and contact details before any booking is created. Only provide personal information you are comfortable sharing with Lokuli or the massage provider.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger description is broad enough to activate on essentially any massage-related request without clear boundaries or confirmation requirements. That can cause the agent to invoke an external booking workflow in situations where the user only wanted general information, increasing the chance of unintended third-party contact or premature data sharing.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill collects and transmits personal contact details including name, email, and phone number to an external endpoint, but the description provides no user warning, consent language, or disclosure that this information leaves the assistant environment. In a booking context, that omission is risky because users may not realize their PII is being sent to a third-party service, creating privacy and compliance concerns.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal