Flight Price Advisor with Trend Chart for developer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed flight price chart component, but users should understand that real historical data depends on configuration and local price-history storage is described without retention controls.

Install only if you are comfortable configuring a SerpAPI key and with route-level price search snapshots being stored locally. Keep API keys out of committed files, clearly label simulated or partial data, avoid relying on the chart as guaranteed market history, and add retention/deletion controls before using the storage or scheduled-collection examples in production.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (9)

Description-Behavior Mismatch

High

Confidence: 97% confidence
Finding: The document explicitly states the skill currently uses mock/generated data by default, which conflicts with the skill metadata claiming real-time SerpAPI-backed 60-day flight price history. This is a security-relevant integrity issue because users or downstream agents may make travel or purchasing decisions based on fabricated or estimated data presented as real market history.

Description-Behavior Mismatch

Medium

Confidence: 94% confidence
Finding: The documented mock history generator only produces 30 days of data, while the skill description promises 60-day price history. This creates a misleading capability claim and can cause agents to overtrust the completeness and recency of the visualization, reducing decision integrity.

Context-Inappropriate Capability

Medium

Confidence: 88% confidence
Finding: The proposed design adds persistent storage of flight search snapshots to local files, expanding the skill from chart rendering into long-term data collection and retention. This increases privacy, data governance, and attack-surface risks because search-derived records are retained without any documented retention limits, access controls, sanitization, or consent model.

Context-Inappropriate Capability

Medium

Confidence: 90% confidence
Finding: The scheduled background collection of popular routes introduces unsolicited monitoring behavior beyond the manifest's on-demand embedding purpose. This can create compliance, cost, and abuse risks by continuously querying third-party services and accumulating datasets unrelated to a specific user request.

Description-Behavior Mismatch

Medium

Confidence: 92% confidence
Finding: The document materially expands the skill from a narrow chart-embedding function into collecting, retaining, and building a historical flight-price dataset. That introduces persistence, data collection, and secondary-use behavior not implied by the stated skill purpose, increasing the risk of over-privileged implementation, undisclosed storage, and scope creep.

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: The planned scheduled collection of prices for popular routes is background harvesting unrelated to a user’s immediate chart request. In an agent skill advertised as visualization-only, this creates unjustified autonomous network activity and data accumulation, which can be abused for resource consumption, policy bypass, or undisclosed data gathering.

Context-Inappropriate Capability

Medium

Confidence: 94% confidence
Finding: A background scheduler plus bulk route collection is not necessary for embedding a chart in a response and therefore represents excess capability beyond the skill’s claimed scope. Excess autonomous behavior is dangerous because it increases attack surface, can trigger uncontrolled external API usage, and may perform actions operators and users do not expect.

Context-Inappropriate Capability

Low

Confidence: 84% confidence
Finding: The documented ability to persist data locally in JSON files or SQLite is broader than what is required for a simple visualization skill. While not inherently malicious, undocumented local storage can create retention, integrity, and operational risks if later implemented without access controls, limits, or disclosure.

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The documentation states that every user flight search will automatically collect and persist price data, but it does not clearly warn operators or end users about this retention behavior, retention scope, or any consent/privacy implications. Even if the stored fields appear limited, search-derived travel data can reveal user interests and travel patterns, making undisclosed persistence a privacy and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal