Back to skill

Security audit

Book Pool Service

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: search for and book pool services through a disclosed Lokuli MCP endpoint.

Install this only if you intend to use Lokuli for pool-service search and booking. Before creating a booking, confirm the provider, time slot, and that your name, email, and phone number will be sent to the external booking service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger text is broad enough to activate on generic phrases like 'any pool-service service request,' which can cause the skill to run on ambiguous user intent. In a booking workflow, this increases the chance of collecting or transmitting user data to an external MCP service before the user clearly intended to engage this specific provider flow.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill defines a booking call that includes personal data fields such as customer name, email, and phone number, but it does not warn that this information will be sent to a third-party endpoint. This creates a privacy and consent risk because users may provide contact details without clear notice that their PII is being transmitted externally for booking.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.