Back to skill

Security audit

search-hotel

Security checks across malware telemetry and agentic risk

Overview

This is a coherent hotel-search skill with normal external-service and API-key handling risks, but no evidence of hidden, destructive, or unrelated behavior.

Before installing, verify that the rollinggo package and AIGOHOTEL service are the provider you intend to use. Prefer setting AIGOHOTEL_API_KEY as an environment variable instead of passing it with --api-key, and avoid entering unnecessary sensitive personal details in hotel searches.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation explicitly shows passing the API key on the command line, which can expose the secret via shell history, terminal logging, CI logs, and process listings visible to other local users. In a skill intended for agent use, this is especially risky because examples are likely to be copied verbatim and may be surfaced in automated execution contexts where command arguments are logged.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The file documents live hotel search and detail commands that send user-provided travel queries, locations, dates, occupancy, and possibly preferences to an external service, but it does not clearly disclose that data leaves the local environment. This creates a privacy and consent risk, particularly for agent workflows where users may assume local processing unless outbound transmission is made explicit.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The reference explicitly demonstrates passing the API key via the `--api-key` command-line flag. Secrets supplied on the command line are commonly exposed through shell history, terminal logs, process listings, and CI/job telemetry, which can leak credentials to other local users or logging systems. In this skill context, users are likely to copy-paste the example directly, increasing the chance of credential exposure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.