Aerobase Travel Concierge

Security checks across malware telemetry and agentic risk

Overview

This travel skill is transparent about using Aerobase, but it gives an agent access to booking, cancellation, payment-adjacent, and wallet-changing actions without enough built-in confirmation guidance.

Install only if you are comfortable giving an agent Aerobase API access to sensitive travel and account data. Use it freely for search and planning, but require manual confirmation before any booking, cancellation, card or wallet change, loyalty-program change, payment-related step, boarding-pass storage, or delete action.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (8)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill is positioned as an all-in-one travel concierge with very broad invocation scope and few concrete trigger boundaries. In an agent setting, overly broad scope increases the chance the skill is invoked for high-impact actions like booking or cancellation without sufficient user confirmation, narrowing, or policy gating.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The documented hotel booking and cancellation endpoints enable real-world transactions, but the skill text does not clearly require an explicit user confirmation immediately before purchase or cancellation. That creates a meaningful risk of unintended financial charges, reservation creation, or destructive cancellation by an autonomous or misaligned agent.

Missing User Warnings

Medium

Confidence: 85% confidence
Finding: The reference exposes authentication, booking, payment, and destructive capabilities but provides no guidance about confirmation requirements, secure handling of API keys, payment data, or safeguards before executing state-changing actions. In an agent skill context, this omission can lead to unsafe automation where the agent performs sensitive operations without adequate user consent or validation.

Tool Parameter Abuse

High

Category: Tool Misuse
Content: - `GET /api/v1/hotels/bookings?guestId=...` - List bookings by guest - `GET /api/v1/hotels/bookings/all` - All bookings with date filters - `GET /api/v1/hotels/bookings/{id}` - Booking detail - `DELETE /api/v1/hotels/bookings/{id}` - Cancel booking - `POST /api/v1/hotels/bookings/{id}/amend` - Get alternative rates for amendments - `GET /api/v1/hotels/chains` - Hotel chain reference data - `GET /api/v1/hotels/currencies` - Supported currencies
Confidence: 91% confidence
Finding: DELETE /api/v1/hotels/bookings/{id}`

Tool Parameter Abuse

High

Category: Tool Misuse
Content: - `GET /api/v1/wallet` - Full wallet summary - `GET /api/v1/wallet/cards` - List credit cards - `POST /api/v1/wallet/cards` - Add credit card - `DELETE /api/v1/wallet/cards` - Remove credit card - `GET /api/v1/wallet/points` - List point balances - `PUT /api/v1/wallet/points` - Update point balance - `DELETE /api/v1/wallet/points` - Remove point balance
Confidence: 89% confidence
Finding: DELETE /api/v1/wallet/cards`

Tool Parameter Abuse

High

Category: Tool Misuse
Content: - `DELETE /api/v1/wallet/cards` - Remove credit card - `GET /api/v1/wallet/points` - List point balances - `PUT /api/v1/wallet/points` - Update point balance - `DELETE /api/v1/wallet/points` - Remove point balance - `GET /api/v1/wallet/programs` - List loyalty programs - `POST /api/v1/wallet/programs` - Add loyalty program - `DELETE /api/v1/wallet/programs` - Remove loyalty program
Confidence: 88% confidence
Finding: DELETE /api/v1/wallet/points`

Tool Parameter Abuse

High

Category: Tool Misuse
Content: - `DELETE /api/v1/wallet/points` - Remove point balance - `GET /api/v1/wallet/programs` - List loyalty programs - `POST /api/v1/wallet/programs` - Add loyalty program - `DELETE /api/v1/wallet/programs` - Remove loyalty program - `GET /api/v1/credit-cards` - Credit card transfer partners ### Recovery
Confidence: 88% confidence
Finding: DELETE /api/v1/wallet/programs`

Tool Parameter Abuse

High

Category: Tool Misuse
Content: ### Saved Items - `GET /api/v1/saved-items` - List saved items - `POST /api/v1/saved-items` - Save an item - `DELETE /api/v1/saved-items/{id}` - Remove saved item ### Itinerary - `POST /api/v1/itinerary/plan` - Generate itinerary plan
Confidence: 80% confidence
Finding: DELETE /api/v1/saved-items/{id}`

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal