Back to skill

Security audit

Service Booking

Security checks across malware telemetry and agentic risk

Overview

This skill coherently helps users find and book local services through Lokuli, with confirmation before booking, but users should understand that booking details go to an external service.

Install only if you are comfortable using Lokuli for local-service booking. Before approving a booking or opening the Stripe checkout link, verify the provider, service, price, date, and time, and only share contact details you are willing to send to the booking service and provider.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The manifest description is broad enough to trigger on many ordinary local-service requests, which increases the chance the agent invokes this skill in situations where the user did not intend to share booking-related details with an external provider. In a booking skill, over-triggering is security-relevant because it can steer conversations toward collecting location and contact data and initiating third-party transactions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The workflow instructs the agent to collect name, email, phone, and ZIP-linked service information, but it does not clearly warn that this personal data will be transmitted to Lokuli and potentially payment processors such as Stripe. This weakens meaningful user consent and creates privacy and data-handling risk, especially because the skill facilitates real-world service bookings with third-party providers.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.