Back to skill

Security audit

Book Lashes

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward lash-appointment booking skill that uses a disclosed Lokuli booking endpoint and does not include hidden code, local persistence, or unrelated access.

Install this only if you want your agent to use Lokuli for lash-service searches and bookings. Before creating a booking, confirm the provider, service, time slot, and the name, email, and phone number that will be sent to Lokuli.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger text is broad enough to activate on essentially any lashes-related request, which can cause the skill to engage without clearly signaling that it will use a third-party booking service. In a booking context, overbroad routing increases the chance of unintended tool use and premature collection or transmission of user data to an external MCP endpoint.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill documents collection of customerName, customerEmail, and customerPhone for create_booking, but it does not warn the user that this personal data will be sent to Lokuli's external MCP server. In a consumer booking flow, missing disclosure and consent around third-party transmission of contact data creates meaningful privacy, compliance, and trust risks.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.