Back to skill

Security audit

Flight Price Comparison

Security checks across malware telemetry and agentic risk

Overview

The skill is not malicious, but it asks users to store real travel-account passwords in TOOLS.md and overstates flight-comparison features that are mostly unimplemented.

Review before installing. Do not put real travel-account passwords in TOOLS.md or a repository file; prefer QR/manual login, a password manager, OS keychain, or tightly scoped environment secrets. Treat any logged-in travel account as accessible to the agent, and verify prices manually because the included script does not currently perform real price extraction or comparison.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
92% confidence
Finding
The top-level documentation claims the script queries and compares flight prices across platforms, but the implemented search functions only open pages and return empty results. This is a real integrity issue because users or downstream agents may rely on false capabilities, make travel decisions on nonexistent comparison data, or assume account-backed automation is working when it is not.

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The class is presented as a 'full-network' flight price comparator, but it only opens two sites and never performs real comparison or extraction. In an agent skill context, this misleading representation increases operational risk because the skill may be invoked as if it were trustworthy automation while silently producing no meaningful data.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The document explicitly tells users to place flight-platform account passwords into TOOLS.md, which results in plaintext credential storage in a local configuration file. Even if intended for local-only use, such files are commonly exposed through backups, logs, screenshots, repo commits, or other local compromise, and the skill context increases sensitivity because these are real consumer travel accounts that may contain personal data, payment methods, and loyalty benefits.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.