Duffel Flights

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Duffel flight-booking CLI that uses a Duffel API token to search, book, manage, and cancel flights, with risks users should understand before using live tokens.

Use sandbox Duffel tokens first. With live tokens, only run booking or confirmed cancellation commands after explicit user approval, because they can spend Duffel account balance, issue real tickets, send passenger details to Duffel and travel providers, or cancel existing orders. Avoid shared machines unless you are comfortable with temporary search/cancellation files under /tmp.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The booking flow instructs users to provide highly sensitive passenger PII, including full name, date of birth, email, phone number, nationality, and gender, which is then transmitted to an external flight-booking API. Without an explicit privacy notice, data-handling statement, retention policy, or consent warning, users may unknowingly expose regulated personal data and the agent may process more data than necessary.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal