ClawHub

Moltravel - The Travel Agent for AI Agents

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed travel-planning connector to a remote MolTravel MCP service, with privacy caveats but no evidence of hidden, destructive, or credential-seeking behavior.

Install only if you are comfortable with travel-related prompts and lookup parameters being sent to MolTravel's remote MCP service. Avoid providing passport numbers, payment details, account credentials, or unusually sensitive itinerary information unless you have verified the provider's privacy practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill advertises automatic activation for broadly defined travel-related requests, which can cause it to trigger on ordinary conversation and route user prompts to an external MCP-backed capability without clear user intent. In a plugin that performs remote lookups, overbroad triggering increases the chance of unnecessary data disclosure and unintended external tool use.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The README states that the plugin automatically makes the `molttravel` MCP endpoint available but does not clearly warn that user travel queries may be transmitted to a third-party remote service. This weakens informed consent and can expose sensitive itinerary, passport/visa, or location data to an external provider unexpectedly.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger text is very broad and includes catch-all phrasing like 'anything related to international travel logistics,' which can cause the skill to activate for loosely related requests. Overbroad activation increases the chance that user queries and travel details are unnecessarily routed to this external MCP service, expanding data exposure and causing unintended tool use.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly directs the agent to use an external MCP endpoint and multiple third-party travel services, but it provides no user-facing warning that itinerary, destination, passport/visa context, and related travel data may be transmitted off-platform. In a travel context this is materially sensitive personal data, so lack of transparency can lead to inadvertent disclosure without informed user consent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal