Back to skill

Security audit

Super Auto Body

Security checks across malware telemetry and agentic risk

Overview

This skill is for auto-body appointment booking, but it gives an agent broad, automated third-party booking instructions without clear consent or confirmation steps.

Review before installing. Use only if you are comfortable with an agent contacting Lokuli and potentially sharing booking details and personal contact information. Before any booking, require the agent to show the provider, service, time, and exact personal details to be sent, then wait for explicit confirmation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill description is overly broad and includes phrases like 'find auto-body near me' or 'any related service,' which can cause the agent to activate in contexts the user did not intend. Because this skill can initiate external searches and bookings, ambiguous triggering increases the chance of unintended third-party actions and unnecessary exposure of user context to the Lokuli MCP endpoint.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill advertises fully automated booking and the example create_booking call transmits customer name, email, and phone number to an external MCP server, but the skill provides no warning, consent flow, or privacy disclosure. In this context, that is particularly dangerous because the capability is transactional and involves sharing personally identifiable information with a third party, creating risks of unauthorized data disclosure and unintended bookings.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.