Back to skill

Security audit

Cabin Flights

Security checks across malware telemetry and agentic risk

Overview

This skill clearly does what it claims, but it can submit passenger personal data and guide an agent into real USDC flight payments without enough explicit safeguards.

Review before installing. Use this only with explicit approval for each booking and each payment; verify passenger details, fare, Base network, USDC amount, deposit address, and checkout URL. Do not give the agent unattended wallet authority, and assume passenger data will be sent to Cabin and downstream travel providers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README provides direct booking and payment instructions for a real flight-purchase workflow, including transmission of passenger PII and sending USDC, but it does not clearly warn users or agent developers that these actions create real bookings, involve sensitive personal data, and may irreversibly transfer funds. In an agent-skill context, this increases the risk that an autonomous or semi-autonomous agent could submit personal traveler data or trigger a purchase without sufficiently explicit user awareness or consent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The booking flow instructs collection and transmission of sensitive passenger PII, including full name, email, date of birth, and gender, to an external API without a clear privacy/data-handling warning. In an agent context, this increases the chance that users or downstream agents disclose regulated personal data without informed consent or understanding where it is sent.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill describes sending USDC on Base to a deposit address and even provides wallet command examples, but it does not clearly warn that blockchain transfers are irreversible and that sending funds to the wrong address, wrong chain, or wrong amount may permanently lose money. In an autonomous-agent setting, this omission is especially risky because the instructions could be operationalized directly into real financial transfers.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.