ClawHub

expat-relocation

Security checks across malware telemetry and agentic risk

Overview

This flight-booking skill is purpose-aligned, but it directs agents to automatically install and run an unpinned global travel CLI with limited upfront consent or privacy disclosure.

Install only if you trust the `@fly-ai/flyai-cli` npm package and are comfortable with global installation and travel-query data being sent to an external provider. Prefer installing and reviewing the CLI yourself, ideally in an isolated environment, before letting the skill run flight searches.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The skill explicitly states that only parameters listed in the Parameters Table may be used, yet the direct-flight playbook invokes an undocumented `--journey-type` flag. This inconsistency can cause the agent to use unsupported or unreviewed CLI behavior, weakening command safety guarantees and making the skill harder to audit reliably.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The skill mandates `npm i -g @fly-ai/flyai-cli` when the tool is absent, which instructs the agent to modify the host environment by installing and then executing a global package. Doing so without explicit user consent, provenance checks, or sandboxing creates supply-chain and system-integrity risk, especially if the package is compromised or the environment is sensitive.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill requires mandatory CLI execution for all answers and provides no warning that user travel details may be sent to an external service through `flyai`. This can expose itinerary, location, and timing data without informed consent, creating privacy and compliance concerns.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal