rollinggo-flight-search-skill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed flight-search skill that runs the RollingGo CLI and needs an API key; its main risks are install hygiene and credential handling, not hidden behavior.

Install only if you trust RollingGo and its CLI package. Prefer per-skill `ROLLINGGO_API_KEY` injection, avoid passing real keys on the command line, and avoid the pipe-to-shell installer unless you have reviewed or otherwise verified the script.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger text is overly broad and instructs the agent to 'always use this skill for flight-related queries,' including general travel-planning language. This can cause unintended invocation in contexts where a different tool, a safer workflow, or no external tool should be used, increasing the chance of unnecessary data disclosure and incorrect tool routing.

Missing User Warnings

Low
Confidence
90% confidence
Finding
The documentation instructs users to place an API key into an environment variable but does not include any guidance about protecting that credential, avoiding hardcoding, or preventing accidental exposure in logs, shell history, screenshots, or shared terminal sessions. In a skill centered on CLI-based flight searches, this omission can lead to unnecessary credential leakage by normal users following the examples verbatim.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The documentation instructs users to pipe a remotely fetched script from GitHub directly into `sh`/`iex`, which executes unreviewed code immediately with the user's privileges. In an agent skill context, this is more dangerous because it normalizes unsafe installation behavior and could lead to arbitrary code execution if the remote content, repository, distribution path, or network channel is compromised.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation shows `--api-key YOUR_API_KEY` usage without warning that command-line secrets may be exposed via shell history, process listings, logs, or telemetry. In a skill used by agents and operators, this increases the chance that credentials are copied into unsafe invocation patterns and later leaked to other local users or monitoring systems.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The reference instructs users to execute remotely fetched shell and PowerShell installer scripts directly from GitHub without any integrity verification, pinning, or warning. This creates a supply-chain and arbitrary code execution risk: if the repository, branch, hosting path, or network path is compromised, users may run attacker-controlled code on their systems.

External Script Fetching

Low
Category
Supply Chain
Content
**Linux / macOS:**
```bash
curl -fsSL https://raw.githubusercontent.com/RollingGo-AI/rollinggo-flight-cli/main/scripts/install.sh | sh
rollinggo-flight --help
```
Confidence
96% confidence
Finding
curl -fsSL https://raw.githubusercontent.com/RollingGo-AI/rollinggo-flight-cli/main/scripts/install.sh | sh

Chaining Abuse

High
Category
Tool Misuse
Content
**Linux / macOS:**
```bash
curl -fsSL https://raw.githubusercontent.com/RollingGo-AI/rollinggo-flight-cli/main/scripts/install.sh | sh
rollinggo-flight --help
```
Confidence
99% confidence
Finding
| sh

VirusTotal

VirusTotal findings are pending for this skill version.
