Thailand

Security checks across malware telemetry and agentic risk

Overview

This is a Thailand travel and relocation guide that keeps optional planning context in a scoped local file and shows no evidence of hidden network access, destructive behavior, or credential use.

Before installing, be aware that the skill may create ~/thailand/memory.md and keep travel or relocation preferences there. Avoid storing highly sensitive details unless needed, review or delete that file if you no longer want the context retained, and re-check official sources before acting on visa, legal, medical, tax, or business advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill directs the agent to read and update a persistent local memory file containing user travel context, constraints, and potentially sensitive personal details, but it does not require a clear user-facing disclosure or consent flow for that storage. This creates a privacy risk because users may unknowingly have personal relocation, health, family, visa, or work information retained across sessions on disk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal