Swiss Public Transport
Security checks across malware telemetry and agentic risk
Overview
This skill appears to only look up Swiss transport schedules through a public API, with no signs of credential access, persistence, or hidden behavior.
Safe for normal public transport lookups. Be aware that your origin, destination, date, and time queries are sent to transport.opendata.ch, and the service itself describes the API as unofficial; avoid using it for travel details you consider sensitive.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.