Back to skill

Security audit

Book Lawyer

Security checks across malware telemetry and agentic risk

Overview

The skill appears designed for lawyer booking, but it may send sensitive legal-service booking details and contact information to an external service without clear user-facing consent instructions.

Install only if you are comfortable using Lokuli as a third-party booking provider. Before any booking is created, confirm what information will be sent, avoid sharing legal details beyond what is necessary, and use the skill only when you actually intend to search for availability or schedule a lawyer.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger description is broad enough to activate on essentially any lawyer-related request, which can cause the skill to be invoked when the user only wants general legal information rather than booking services. In this context, unintended invocation is risky because the skill is wired to an external MCP booking endpoint and may steer the interaction toward third-party service use without clear user intent.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill sends sensitive personal data including customer name, email, phone number, and potentially location-related search data to an external service endpoint, but the description does not warn the user or require explicit consent for that transmission. Because legal services can involve highly sensitive matters, the absence of a clear disclosure materially increases privacy, trust, and compliance risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.