ClawHub

行程预订中心

Security checks across malware telemetry and agentic risk

Overview

This travel skill claims live Booking.com booking support, but its code returns hardcoded hotel, room, price, and review data instead of real API results.

Review before installing. Do not rely on this skill for real availability, pricing, taxes, cancellation terms, reviews, or reservations unless it is updated to call live Booking.com APIs, label any demo data clearly, and add explicit confirmation safeguards for booking or cancellation actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill describes live Booking.com API usage and reservation operations, which require outbound network access, yet no explicit permission declaration is present. This creates a transparency and policy gap: users and reviewers are not clearly informed that external requests will occur and travel-related data may be transmitted to third parties.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The formatter asserts that prices are tax-inclusive and that free cancellation is supported without checking any corresponding fields in the result data. In a travel-booking context, these claims can mislead users into making purchase decisions based on false pricing or refund assumptions, creating financial harm and dispute risk.

Description-Behavior Mismatch

Medium
Confidence
87% confidence
Finding
The skill metadata advertises booking and reservation-management support, but this file implements only browsing-style features: search, details, availability, reviews, and formatting. In an agent setting, this capability mismatch can cause the system or user to rely on actions the skill cannot safely perform, increasing the risk of failed workflows, misleading confirmations, or unsafe downstream assumptions.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill supports creating, querying, and canceling hotel reservations but does not warn users that personal data, itinerary details, and potentially payment-linked reservation information may be shared with Booking.com or partners. Because these actions can directly affect real bookings and incur financial or travel disruption, missing disclosure and confirmation safeguards increase the risk of unauthorized or unintended account-impacting operations.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

View on VirusTotal