Booking Extranet Manager
Security checks across malware telemetry and agentic risk
Overview
This skill is coherent Booking.com automation, but it needs review because it can use live account access to message guests and change rates through external code that is not included in the scanned package.
Install only if you trust and review the external booking-extranet-bot code and are comfortable giving it Booking.com partner credentials, optional 2FA automation, and a persistent browser session. Require manual review before sending any guest message or changing rates, protect the .env and .chrome-data directories, and confirm this automation is allowed for your Booking.com account.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.