Back to skill

Security audit

Luxury Travel Plan

Security checks across malware telemetry and agentic risk

Overview

This is a text-only luxury travel planning skill with disclosed external search guidance and no evidence of hidden execution, credential use, persistence, or destructive behavior.

Before installing, understand that this skill may steer travel planning toward expensive luxury options and may use an external search tool for vendors and booking links. Verify prices, availability, vendors, and links yourself, and require explicit confirmation before sharing personal documents, payment information, or making reservations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The manifest description uses broad triggers such as luxury travel, premium experiences, and best/most expensive options without clear boundaries, which can cause the skill to activate for many ordinary travel-planning requests. Over-broad activation is dangerous because it can route users into a specialized workflow that biases results toward costly products and unnecessary upselling rather than user intent.

Natural-Language Policy Violations

Medium
Confidence
80% confidence
Finding
The skill content and output template are written to produce Chinese-language output and Chinese-market services like '24小时中文管家服务' without offering a language or locale choice. This is risky because it can mis-handle users in other languages or regions, present inaccessible recommendations, and degrade trust or correctness when the user's locale does not match the skill's assumptions.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.