Linz Public Transport

Security checks across malware telemetry and agentic risk

Overview

This skill is a narrow Linz public-transport lookup helper; its main caveat is that the default transit API URL uses plain HTTP.

Install only if you are comfortable with the agent sending stop names or stop IDs to the configured Linz EFA endpoint. Prefer an HTTPS base URL if it works, and do not set LINZ_TRANSPORT_API_BASE_URL or --base-url to an endpoint you do not trust.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Low

Confidence: 94% confidence
Finding: The skill description omits a clear user warning that it performs live requests to external public-transport endpoints and that the documented default base URL uses insecure HTTP. Using HTTP allows a network attacker to observe or tamper with requests and responses, which could mislead users about stop data or departure information and undermine trust in the tool's output. Because this skill is specifically built around remote lookups, the missing warning and insecure default are materially relevant to safe use.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The default API base URL uses plain HTTP, so stop queries and stop IDs are sent without transport encryption and the responses can be modified in transit by a network attacker. Even though the data is not highly sensitive, this enables eavesdropping, response tampering, and misleading departure information, which is a real security issue for a networked skill.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal