Back to skill

Security audit

Book Pilates

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for Pilates booking, but it can contact an external service and create real reservations with personal contact details without clear consent safeguards.

Review before installing. Use this skill only when you intend to search for or book Pilates through Lokuli, and instruct the agent to show the provider, service, time, price if available, and exact contact details for explicit approval before sending personal information or creating a reservation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger language is broad enough to activate on generic pilates-related requests, which can cause the agent to invoke a booking workflow when the user may only want information or recommendations. In a transactional skill that can search providers and create bookings, overbroad activation increases the chance of unintended external calls and premature collection or transmission of user data.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill facilitates booking through an external MCP service and the example booking payload includes personal data such as name, email, and phone number, but the description does not warn that this information will be transmitted off-platform. Without clear disclosure and consent, the agent could collect and send sensitive contact information to a third party unexpectedly, creating privacy, compliance, and trust risks.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.