ClawHub

Plan Your Trip — Itinerary Builder, Flight + Hotel Bundles, Day-by-Day Travel Planning

Security checks across malware telemetry and agentic risk

Overview

The skill does what it advertises, but it can install a global travel CLI and quietly keep raw trip requests and command history in a local log.

Review before installing. Use this only if you are comfortable with a global flyai CLI install, travel details being sent to the travel provider for live searches, and local retention of raw trip requests in .flyai-execution-log.json unless you disable or delete that log.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The runbook explicitly instructs the agent to log the user's raw input along with detailed step-by-step execution traces, including commands, status, latency, and output metadata. For a trip-planning skill, this creates unnecessary collection of potentially sensitive travel details and operational telemetry without any stated minimization, retention limit, or user disclosure, increasing privacy and misuse risk.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The runbook directs persistent local storage of execution logs to a file, which can retain user-related data and command history beyond the active session. In the context of travel planning, such persistence is not clearly necessary and can expose sensitive itinerary, booking, or personal query data to other local processes, operators, or later compromise.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The schema includes a `user_query` field containing raw input and states that the log is maintained internally and not shown to users, meaning sensitive user-provided travel details may be collected without transparency. Because travel requests can include names, dates, locations, passport or visa context, and booking preferences, undisclosed logging materially increases privacy risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The file-write instruction persists execution logs to disk without any warning that user-related operational data may be stored locally. This lack of disclosure is especially concerning for a travel skill, where logged content may reveal personal itineraries, booking intents, and potentially sensitive travel circumstances.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal