flexible-flights

Security checks across malware telemetry and agentic risk

Overview

This travel skill is not malicious, but it asks agents to install a global CLI and keep raw travel-query logs without clear user control.

Review before installing. Use it only if you are comfortable with a skill that may globally install a third-party npm CLI and store local logs of your travel requests; avoid entering passport numbers, payment details, loyalty accounts, or private itinerary information unless logging and setup are made explicit and user-controlled.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The runbook explicitly logs the raw user query and appends the generated execution log to a local file when writes are available, but provides no notice, consent, minimization, or retention controls. In a travel skill, user queries can contain sensitive personal or trip data such as names, dates, destinations, booking preferences, visa details, or other PII, so persisting them increases privacy, compliance, and data exposure risk if logs are accessed or reused.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal