amidyfortest

Security checks across malware telemetry and agentic risk

Overview

This travel-query skill is coherent and limited to forwarding travel questions to a booking backend, but users should make sure they trust that backend and configure the user ID and environment before use.

Before installing, confirm that the booking backend is trusted, set your own `BOOKING_API_USER_ID`, choose `fat` instead of `prod` if you are testing, and avoid sending unrelated sensitive information in travel questions.

VirusTotal

66/66 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI07: Insecure Inter-Agent Communication
Low
What this means

Your full travel request may be sent to and processed by the configured booking backend.

Why it was flagged

The skill forwards the complete user request to a backend assistant endpoint, so any travel details in the prompt are processed by that configured service.

Skill content

The `--query` value should be the user's **full original message** (do not rewrite or simplify) ... API Base URL ... `http://host.docker.internal:8763`

Recommendation

Use only a trusted backend URL and avoid putting unrelated sensitive information in travel queries.

ASI03: Identity and Privilege Abuse
Low
What this means

Queries could be made under the default backend user ID rather than the user's intended account or test identity.

Why it was flagged

Requests default to a fixed production user identifier unless overridden, which may associate queries with that identity in the backend.

Skill content

User ID | `--user-id` | `BOOKING_API_USER_ID` | `624e5b8b3f4a2f4ec566e3d3` ... Environment | `--env` | `BOOKING_API_ENV` | `prod`

Recommendation

Set `BOOKING_API_USER_ID` or `--user-id` to the correct user, and use the test environment if production data is not intended.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

The safety and privacy of the skill depend on the separately installed backend service and how it is hosted.

Why it was flagged

The skill relies on a separate backend module/service outside the provided wrapper script, and the suggested server bind address may expose that service beyond localhost if the user runs it.

Skill content

check that the FastAPI server is running (`uvicorn booking_assitant.fastapi_serve:app --host 0.0.0.0 --port 8763`)

Recommendation

Run only a trusted backend, prefer binding it to localhost when possible, and confirm its source before using it with personal travel data.