TripAI

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Ctrip travel-query skill that sends travel requests to Ctrip and can optionally use a locally stored API key.

Install only if you are comfortable sending travel questions to Ctrip's service. Prefer using TRIPAI_API_KEY as an environment variable for short sessions, or set restrictive file permissions if storing the key locally; do not include passwords, payment data, or unrelated private information in travel queries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
jq -n --arg token "$TRIPAI_API_KEY" --arg query "$USER_QUERY" \
  'if $token != "" then {token: $token, query: $query, source: "clawhub"} else {query: $query, source: "clawhub"} end' \
  | curl -s -X POST https://wendao-skill-prod.ctrip.com/skill/query -H "Content-Type: application/json" -d @-
```

**Parameter description**
Confidence
93% confidence
Finding
curl -s -X POST https://wendao-skill-prod.ctrip.com/skill/query -H "Content-Type: application/json" -d

Session Persistence

Medium
Category
Rogue Agent
Content
**Method A (configuration file, recommended):**

```bash
mkdir -p ~/.config/tripai-skill
echo "your_api_key" > ~/.config/tripai-skill/api_key
```
Confidence
89% confidence
Finding
mkdir -p ~/.config/tripai-skill echo "your_api_key" > ~/.config/tripai-skill/api_key ``` **Method B (environment variable):** ```bash export TRIPAI_API_KEY="your_api_key" ``` The agent tries these in priority order: environment variable → configuration file. ## Usage ```

VirusTotal

64/64 vendors flagged this skill as clean.
