Pan Pac

Security checks across malware telemetry and agentic risk

Overview

This is a Pan Pacific Travel workflow note that openly delegates email, calendar, and booking tasks to other named skills; it handles sensitive business data but does not hide that purpose or include executable behavior.

Install only if you intend this agent to work with Pan Pacific Travel email, calendar, booking, document, and attachment workflows. Review the referenced lynx-skill and outlook-entra skills separately, confirm they restrict access to the right accounts and records, and require user confirmation before uploads, attachment handling, or booking changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium, 90% confidence
Finding
The activation text is broad enough to match many ordinary requests about emails, messages, calendar events, or bookings, which can cause the skill to activate outside a clearly bounded Pan Pacific workflow. Because this skill routes into capabilities involving business communications and booking systems, over-activation increases the chance of unintended access to sensitive data or execution of actions in the wrong context.

Missing User Warnings

Medium, 94% confidence
Finding
The skill explicitly delegates to systems that can read emails and calendar data and manage documents and attachments, but it provides no guardrails about consent, scope limitation, or confirmation for potentially sensitive or data-modifying operations. In a travel-agency context, these systems likely contain personal, financial, and itinerary data, so silent delegation can lead to privacy violations, unauthorized disclosure, or accidental uploads/modifications.

VirusTotal

64/64 vendors flagged this skill as clean.
