Back to skill

Security audit

Travel Planner

Security checks across malware telemetry and agentic risk

Overview

This travel-planning skill uses local scripts and limited external lookups in ways that match its stated purpose.

Install in a virtual environment, consider pinning dependencies before production use, and remember that weather and currency commands send destination or currency queries to external API providers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill advertises executable scripts with file read/write and network behavior, but no permissions are declared. This creates a transparency and policy-enforcement gap: a host system or reviewer cannot accurately constrain the skill's access, and users may invoke functionality without understanding that local files and external APIs are involved.

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
geopy>=2.4.0
python-dateutil>=2.8.0
jinja2>=3.1.0
Confidence
97% confidence
Finding
requests>=2.31.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
geopy>=2.4.0
python-dateutil>=2.8.0
jinja2>=3.1.0
pandas>=2.0.0
Confidence
96% confidence
Finding
geopy>=2.4.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
geopy>=2.4.0
python-dateutil>=2.8.0
jinja2>=3.1.0
pandas>=2.0.0
openpyxl>=3.1.0
Confidence
96% confidence
Finding
python-dateutil>=2.8.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
geopy>=2.4.0
python-dateutil>=2.8.0
jinja2>=3.1.0
pandas>=2.0.0
openpyxl>=3.1.0
Confidence
98% confidence
Finding
jinja2>=3.1.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
geopy>=2.4.0
python-dateutil>=2.8.0
jinja2>=3.1.0
pandas>=2.0.0
openpyxl>=3.1.0
Confidence
96% confidence
Finding
pandas>=2.0.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-dateutil>=2.8.0
jinja2>=3.1.0
pandas>=2.0.0
openpyxl>=3.1.0
Confidence
96% confidence
Finding
openpyxl>=3.1.0

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.