Security audit

Private Car

Security checks across malware telemetry and agentic risk

Overview

This travel-booking skill is mostly purpose-aligned, but it tells the agent to save raw user travel requests in a local internal log without clear user consent or retention controls.

Review before installing. Only use this if you are comfortable installing and running the flyai CLI and sending travel queries to that service. Avoid entering passport numbers, booking references, phone numbers, or other sensitive details, and check for .flyai-execution-log.json if you want to remove saved query history.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The runbook explicitly stores the user's raw input in an internal execution log and persists that log to a local file if writes are available. In a travel-booking skill, raw queries can contain sensitive personal and trip data such as names, phone numbers, passport or visa details, booking references, and itineraries, so retaining them without clear minimization, consent, redaction, or retention controls creates a real privacy and data-exposure risk.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal