Back to skill

Security audit

MyDriverParis Booking

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward booking helper for a chauffeur service and its network/payment behavior is disclosed and aligned with that purpose.

Before installing, understand that using the skill will send ride details and passenger contact information to MyDriverParis's remote MCP service, and completed bookings will involve a Stripe payment link. Verify quote details before payment and do not treat a ride as confirmed until payment is complete.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.