Back to skill

Security audit

Book Spa

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Lokuli spa search and booking helper, but users should confirm details before sending contact information or creating an appointment.

Install this only if you want an agent to use Lokuli for spa searches and bookings. Before creating a booking, verify the provider, service, time slot, and contact details that will be sent to Lokuli.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger description is broad enough to activate on general spa-related requests without clearly constraining scope, which can cause unintended invocation of this skill. In a booking skill connected to an external MCP endpoint, accidental activation increases the chance of premature data collection or booking flow initiation for users who only wanted information or recommendations.

Missing User Warnings

High
Confidence
95% confidence
Finding
The skill includes a create_booking action that transmits personal data such as name, email, and phone number to an external service, but the description does not warn users or operators about this data transfer. This is dangerous because users may disclose sensitive personal information without informed consent, and the skill may facilitate privacy, compliance, or trust failures when interacting with a third-party endpoint.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.