Book Oil Change

Security checks across malware telemetry and agentic risk

Overview

This is a small oil-change booking skill that uses a disclosed Lokuli endpoint and does not show hidden code, persistence, or unrelated access.

Install only if you are comfortable using Lokuli as an external booking service. Before creating a booking, confirm the provider, service, date, time, and contact details, and avoid invoking it for general oil-change information that does not require contacting a booking service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 86%
Finding:
The trigger description is broad enough to activate on generic oil-change-related requests without clearly constraining intent, which can cause the agent to invoke an external booking workflow when the user may only be asking for information or recommendations. In a skill that can search providers and create bookings, overbroad triggering increases the chance of unintended external actions and unnecessary data sharing.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The skill includes a booking flow that sends personal data such as name, email, and phone number to an external MCP endpoint, but it does not warn the user that this information will be transmitted to a third-party service. This lack of disclosure undermines informed consent and can lead to unintended exposure of sensitive contact information.

VirusTotal

66/66 vendors flagged this skill as clean.
