Book Pool Service

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: help users search for and book pool services through an external booking endpoint.

Before installing, understand that booking will send your contact information to Lokuli for the service request. Use it when you intend to search or book pool services, and confirm details before creating a booking.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 95%
Finding
The trigger language is broad enough to activate on essentially any 'pool-service' request, which can cause the agent to invoke this skill in unintended contexts without sufficient confirmation. In a booking workflow, over-triggering is risky because it can lead to premature provider lookup or downstream collection/transmission of user data to a third-party MCP service.

Missing User Warnings

Medium
Confidence: 98%
Finding
The skill collects and sends personal contact details such as name, email, and phone number to an external booking service, but the description provides no warning, consent language, or privacy notice. This creates a real privacy and compliance risk because users may not understand that their PII will be transmitted to a third party as part of the booking flow.

VirusTotal

64/64 vendors flagged this skill as clean.
