航班动态查询 (Flight Status Query)

Security checks across malware telemetry and agentic risk

Overview

This package looks like a hotel aggregation skill, but its public identity and advertised booking/API capabilities do not line up cleanly with the visible implementation.

Review before installing. Use it only if you intended to install a hotel search tool, not a flight-status checker. Treat its real-time hotel data and booking claims as unverified until the publisher provides working provider integrations and clear consent/privacy terms for external searches and bookings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill explicitly requires calling multiple external platform APIs to fetch live hotel data, which implies network access, but the manifest does not declare any corresponding permission or data-access boundary. This creates a transparency and governance gap: operators and users cannot accurately assess what outbound access the skill needs, making abuse or unintended data egress harder to detect.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger condition is broad enough to activate on any hotel-search request, without clarifying user consent, supported geographies, supported providers, or whether only aggregation—not booking—should occur by default. Overbroad invocation can cause unnecessary sharing of user itinerary data with multiple external services and can route users into a high-data-exposure workflow unexpectedly.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill is designed to query and potentially book through multiple external hotel platforms, but it does not disclose that user search and booking details may be transmitted to those third parties. In this context, the omitted notice is more dangerous because hotel searches and bookings commonly involve sensitive travel dates, destination patterns, corporate travel details, and possibly personal identifiers.

VirusTotal

64/64 vendors flagged this skill as clean.
