FlyAI Flight Tracker

Security checks across malware telemetry and agentic risk

Overview

This flight-tracking skill is purpose-aligned, but it tells an agent to automatically install an unpinned global npm tool on the user's machine.

Review before installing. Use this only if you are comfortable sharing travel search details with the FlyAI/Fliggy service, and do not let an agent perform the global npm install automatically; install a reviewed, pinned version yourself or use a contained environment.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill instructs the agent to install a global npm package without prior user consent or a clear warning that it will modify the host environment. In an agent setting, automatic package installation expands the attack surface, can introduce untrusted code execution, and may alter system state unexpectedly.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The fallback workflow tells the agent to automatically run 'npm i -g @fly-ai/flyai-cli' when the command is missing, which is an execution path that changes the system without consent. Because npm install scripts may execute arbitrary code and global installs affect the broader environment, this behavior is dangerous in a semi-autonomous agent context.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal