Parking Finder

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward parking search helper that sends user-provided parking and location queries to Camino's API using a Camino API key.

Install it only if you trust Camino and the publisher. Use a Camino API key with limits you are comfortable with, and avoid sending precise destinations or coordinates unless you are comfortable sharing that search data with Camino's service.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The script sends user-supplied query and optional location data (lat/lon, radius) to Camino's external API without any explicit notice, consent, or data-handling warning. In a skill context, destination and parking searches can reveal sensitive travel patterns or precise location information, so silent transmission to a third party is a real privacy/security issue even if it is necessary for functionality.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal