Google Flights

Security checks across malware telemetry and agentic risk

Overview

This flight-search skill behaves as advertised, with expected local tracking files and optional scheduled checks that users should manage consciously.

Install only if you are comfortable with flight searches being handled through the fast-flights/Google Flights path and with route/date tracking history being saved locally under ~/clawd/memory. Remove tracked routes and delete those memory files when you no longer need alerts, and enable the cron example only if you want recurring background price checks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Low
Confidence: 89%
Finding
The skill advertises price tracking and cron-based monitoring while storing flight tracking data and price history in local files, but it does not clearly warn users that their travel queries and monitoring preferences are persisted. This creates a privacy and transparency issue because travel patterns, routes, and schedules may be sensitive personal information and could remain on disk longer than users expect.

Missing User Warnings

Medium
Confidence: 93%
Finding
This script persistently stores flight tracking selections and detailed price history in fixed files under the user's home directory without any notice, consent prompt, retention controls, or confidentiality safeguards. While the data is not highly sensitive by itself, travel routes and dates can reveal personal plans and habits, and silent persistence in agent-accessible memory increases privacy risk and unintended secondary use.

Missing User Warnings

Low
Confidence: 78%
Finding
The script stores watched routes and related travel-tracking state in a persistent file under the user's home directory without any explicit user-facing notice or consent. While this is not an exploit primitive by itself, it can expose sensitive travel patterns to other local users, backups, or logs if the host environment is shared or monitored.

VirusTotal

63/63 vendors flagged this skill as clean.
