全球机票查询Skill-by RollingGo

Security checks across malware telemetry and agentic risk

Overview

The skill is a legitimate flight-search helper, but its docs normalize unsafe remote installer execution and weak credential handling.

Install only if you trust RollingGo and the referenced CLI packages. Prefer the npm or uv package-manager paths over the standalone curl/irm installer, avoid piping remote scripts directly into a shell, keep ROLLINGGO_API_KEY out of command-line arguments and shared logs, and assume flight origins, destinations, dates, passenger counts, and cabin choices are sent to RollingGo for processing.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (10)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill documentation instructs users to provide an API key and send structured flight-search inputs to the RollingGo service, but it does not clearly disclose that travel itinerary data will be transmitted to an external third party. Travel searches can reveal sensitive personal or business information such as planned destinations, dates, and travel patterns, so the lack of an explicit data-sharing warning creates a meaningful privacy and informed-consent risk.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The workflow explicitly instructs users to place an API key in an environment variable but provides no warning about treating the credential as sensitive, avoiding hardcoding, or preventing accidental disclosure in shared shells, screenshots, logs, or checked-in scripts. While using environment variables is common practice, documentation that omits basic credential-handling guidance can lead to credential exposure through user misuse rather than a direct exploit in the file itself.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The documentation instructs users to fetch and immediately execute remote installer scripts via a shell/PowerShell pipe, which removes the opportunity to inspect the script and creates a direct remote code execution path if the source, repository, CDN, or network path is compromised. In a skill that may be followed by automation-capable agents or users, this is more dangerous because the unsafe installation pattern is presented as a normal setup path without any warning or verification guidance.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The API key examples include passing secrets directly on the command line, which can expose credentials through shell history, process listings, logging systems, CI output, and telemetry. In a CLI skill context, users and agents may copy these examples verbatim, making accidental credential disclosure more likely.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The documentation instructs users to fetch and immediately execute remote installer scripts via a shell pipeline, without any warning to inspect, pin, or verify the script. This creates a supply-chain and arbitrary-code-execution risk: if the upstream repository, network path, or script content is compromised, users may run attacker-controlled code on their systems.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The examples encourage passing the API key directly on the command line but do not warn that command-line arguments may be exposed through shell history, process listings, logs, or telemetry. This can leak credentials to other local users, administrators, monitoring tools, or recorded terminal sessions.

External Script Fetching

Low

Category: Supply Chain
Content: **Linux / macOS：** ```bash curl -fsSL https://raw.githubusercontent.com/RollingGo-AI/rollinggo-flight-cli/main/scripts/install.sh | sh rollinggo-flight --help ```
Confidence: 97% confidence
Finding: curl -fsSL https://raw.githubusercontent.com/RollingGo-AI/rollinggo-flight-cli/main/scripts/install.sh | sh

External Script Fetching

Low

Category: Supply Chain
Content: **Linux / macOS：** ```bash curl -fsSL https://raw.githubusercontent.com/RollingGo-AI/rollinggo-flight-cli/main/scripts/install.sh | sh rollinggo-flight --help ```
Confidence: 96% confidence
Finding: curl -fsSL https://raw.githubusercontent.com/RollingGo-AI/rollinggo-flight-cli/main/scripts/install.sh | sh

Chaining Abuse

High

Category: Tool Misuse
Content: **Linux / macOS：** ```bash curl -fsSL https://raw.githubusercontent.com/RollingGo-AI/rollinggo-flight-cli/main/scripts/install.sh | sh rollinggo-flight --help ```
Confidence: 98% confidence
Finding: | sh

Chaining Abuse

High

Category: Tool Misuse
Content: **Linux / macOS：** ```bash curl -fsSL https://raw.githubusercontent.com/RollingGo-AI/rollinggo-flight-cli/main/scripts/install.sh | sh rollinggo-flight --help ```
Confidence: 98% confidence
Finding: | sh

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal