Flight Itinerary Ocr

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward flight-itinerary OCR wrapper, but users should know it uploads selected documents to Scnet's hosted API.

Install only if you are comfortable sending the selected itinerary, ticket, or invoice files to Scnet for OCR. Keep the API key in the local config file or environment, avoid pasting it into chat, and confirm the exact file path before running the skill on sensitive documents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill documentation describes capabilities to read local files, invoke Python from the shell, and send the file contents to an external OCR API, but it does not declare any permissions or constraints for those operations. This creates a trust and policy gap: an agent may auto-run a skill with broader access than users expect, increasing the chance of unintended local file access or data exfiltration.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The skill says the AI will auto-trigger based on broad description keywords, but it does not define precise trigger conditions, exclusions, or a confirmation step before accessing a local path and uploading document contents. Vague activation rules can cause the agent to invoke the skill on unintended inputs, leading to accidental processing or external transmission of sensitive personal data from travel documents.

External Transmission

Medium
Category
Data Exfiltration
Content
```
SCNET_API_KEY=your_scnet_api_key_here

# API base URL (usually does not need to be changed)
SCNET_API_BASE=https://api.scnet.cn/api/llm/v1
```
2. Add: `SCNET_API_KEY=你的密钥`
3. Set the file permissions to 600 (readable and writable by the owner only)
Confidence
92% confidence
Finding
https://api.scnet.cn/

External Transmission

Medium
Category
Data Exfiltration
Content
| Variable | Default | Description |
|--------|--------|------|
| SCNET_API_KEY | Required | Scnet API key |
| SCNET_API_BASE | https://api.scnet.cn/api/llm/v1 | API base URL (usually does not need to be changed) |

### Output
Confidence
92% confidence
Finding
https://api.scnet.cn/

VirusTotal

67/67 vendors flagged this skill as clean.
