ClawHub

airport-pickup-service

Security checks across malware telemetry and agentic risk

Overview

This travel-booking skill mostly does what it claims, but it can save raw travel queries locally without clear user notice or retention limits.

Review before installing. Use it only if you are comfortable installing a global flyai CLI and sending travel search details to the provider. Avoid entering unnecessary personal, passport, payment, or full itinerary details, and disable or delete .flyai-execution-log.json if the skill is used.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README states that the skill wraps an external CLI to provide real-time travel data and booking links, but it does not warn users that itinerary details, locations, dates, or other travel information may be transmitted to a third-party service. In a travel-booking context, users are likely to provide sensitive personal and trip data, so the lack of disclosure can lead to unintended data sharing and privacy risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The runbook explicitly stores `user_query` as raw input in an internal execution log and instructs appending that log to a local file. In a travel-booking skill, user prompts may contain PII such as names, phone numbers, passport details, flight numbers, addresses, and payment-adjacent data, so persisting raw input without clear minimization, retention limits, or user notice creates a real privacy and data leakage risk.

Ssd 3

Medium
Confidence
97% confidence
Finding
The runbook directs the agent to log natural-language user input, CLI commands, fallback behavior, and then persist the full execution record to disk. Because this skill handles airport pickup and broader travel services, logs can easily capture sensitive travel itineraries and personal identifiers, increasing exposure through accidental disclosure, over-retention, or compromise of the host environment.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal