Back to skill

Security audit

Book Braids

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward braid-booking skill that uses a disclosed Lokuli booking endpoint, but users should confirm before sending personal contact details.

Install this only if you want an agent to help search and book braid appointments through Lokuli. Before any booking is created, confirm the provider, time, price, and that your name, email, phone number, zip code, and appointment details may be sent to Lokuli.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger text is broad enough to activate on essentially any braids-related request, which can cause the agent to invoke an external booking workflow when the user may only want information, advice, or casual discussion. In a skill that connects to a third-party MCP endpoint and supports booking actions, overbroad routing increases the chance of unintended data disclosure or unintended transactional behavior.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill describes use of an external Lokuli MCP booking service but does not warn that personal data such as name, email, phone number, location/ZIP code, and appointment details may be transmitted off-platform. Because the skill includes a create_booking flow with direct PII fields, lack of disclosure and consent creates meaningful privacy and trust risk and may lead users to unknowingly share sensitive personal information with a third party.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.