ClawHub

travai

Security checks across malware telemetry and agentic risk

Overview

TravAI is a coherent travel-booking skill, but it asks agents to handle account credentials, bearer tokens, passport-matching traveler details, wallet addresses, and payment creation with broad activation and limited consent guidance.

Review before installing. Use it only when you intend to search or book through TravAI, and do not provide passwords, bearer tokens, passport details, phone/email, wallet addresses, or payment information unless you are comfortable sending them to TravAI. Require explicit confirmation of itinerary, traveler details, final price, cancellation terms, payment method, token/network, refund wallet, and any payment creation step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill advertises very broad trigger phrases like general travel planning and inspiration, which can cause the agent to invoke it in loosely related conversations and unnecessarily collect credentials, passport data, contact details, or payment information. In a booking skill with payment capability, over-broad activation materially increases the chance of inappropriate data handling and unintended external API use.

Missing User Warnings

High
Confidence
96% confidence
Finding
The skill instructs the agent to sign users in, sign them up, accept pasted bearer tokens, and later collect passport-matching identity details, phone numbers, email addresses, and wallet/payment details without an upfront warning about the sensitivity of this data or explicit consent gating. This creates a meaningful risk of oversharing secrets and regulated personal data to a third-party service through the agent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal