Back to skill

Security audit

Discover and Book Activities in Any City

Security checks across malware telemetry and agentic risk

Overview

This skill coherently helps users search and optionally book real-world activities through Outgoing, with credentials and real-charge booking behavior disclosed in the relevant workflows.

Install only if you are comfortable sending activity, dining, travel, work-meeting, location, and preference details to Outgoing. Searches are read-only, but ticket purchases and restaurant reservations can create real commitments or charges, so use dry-run testing first and require a clear final confirmation before submitting any real payment token.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This skill advertises booking tickets and reserving tables but does not prominently warn that those actions have real-world side effects and may commit money or reservations. In an agentic environment, unclear disclosure can lead to unintended purchases or bookings if a user asks broadly for help and the agent proceeds without a clear confirmation boundary.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to send natural-language user queries and an authorization token to Outgoing, but it does not explicitly warn that user-provided planning details will be transmitted to a third-party service. In a work-meetup context, prompts may contain sensitive business information such as client names, meeting purposes, locations, budgets, or internal plans, so lack of disclosure and consent increases privacy and data-handling risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.