ClawHub

酒店聪明订

Security checks across malware telemetry and agentic risk

Overview

This hotel comparison skill is coherent and does not show malware-like behavior, but users should know it sends travel queries to a proxy service and may prefer an affiliate-bearing RG link when prices tie.

Before installing, consider that your hotel search details will be sent to the publisher's proxy service and then to travel platform APIs. Treat booking advice as commercial guidance, not neutral financial advice, and compare the displayed platform links yourself when prices, cancellation terms, or breakfast policies are similar.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The advisor path sorts equally priced results using a hard-coded commission preference that puts RG first, which introduces an undisclosed conflict of interest into a tool ներկայացted as objective price comparison and booking advice. Even when prices are equal, steering users toward affiliate-bearing links can bias recommendations and erode user trust; if room policies or booking terms differ, this can also cause users to choose a less suitable option without transparent justification.

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The function is documented as an exact RG price comparison, but the implementation and surrounding flow use RG booking URLs and later preferential ordering tied to commission-bearing links. This mismatch is dangerous because it misrepresents the purpose of the feature, making users and downstream agents believe the result is neutral comparison when it may be optimized for monetized conversion.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal