Back to skill

Security audit

Book Tattoo

Security checks across malware telemetry and agentic risk

Overview

This skill appears to only help search and book tattoo appointments through a disclosed Lokuli service, but users should confirm before sharing contact details or making a booking.

Install only if you want help finding and booking tattoo services through Lokuli. Before any booking is submitted, confirm the artist/provider, service, time slot, and that your name, email, and phone number will be sent to the external booking service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger description includes broad phrases like 'find tattoo near me' and 'any tattoo service request', which can cause the skill to activate for generic informational or exploratory queries rather than clear booking intent. In a skill that can lead to provider lookup and eventual booking workflows, overbroad activation increases the chance of unnecessary third-party data transmission or user steering without sufficiently explicit consent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill documents a booking flow that sends personal data including name, email, and phone number to an external MCP endpoint, but it does not instruct the agent to warn the user or obtain explicit consent before collecting and transmitting that information. This is dangerous because users may disclose sensitive contact data without understanding it will be shared with a third-party service, creating privacy and compliance risks.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.