ClawHub

Lokuli Booking

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Lokuli booking helper, with expected contact and payment-link handling for real-world service bookings and no hidden executable behavior.

Install this only if you want your agent to contact Lokuli for local-service searches and bookings. Before approving any booking, verify the provider, service, time, price, cancellation terms, and contact details, and assume your ZIP code and contact information may be shared with Lokuli, the provider, and Stripe-linked payment flows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger scope is very broad and is designed to activate on essentially any local-service request, which increases the chance the skill is invoked in situations where the user did not clearly intend third-party booking behavior. In this context, overbroad activation is risky because the skill can progress toward collecting personal details and generating external payment links for real-world transactions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The workflow describes collecting customer name, email, and phone and returning a Stripe checkout URL, but it does not clearly warn users that their personal data will be transmitted to a third-party service and that payment will occur through an external provider. This lack of transparency can undermine informed consent and lead to privacy or trust issues, especially in a real-world booking context.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal