Check Bookings Phone

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does what it claims, but it can automatically approve phone permissions or agreements while operating a logged-in travel app.

Install only if you are comfortable letting it control the intended Android device and Ctrip account, and use a vision-model provider whose data handling you trust. Keep the phone visible while it runs, and do not rely on it for unattended use unless the auto-approval behavior is removed or changed to ask you before accepting permissions or agreements.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence: 97%
Finding
The automation context explicitly instructs the agent to click through permission dialogs, user agreements, and login prompts while operating a personal travel app. That exceeds the narrowly stated purpose of checking booking availability and can cause the device owner to unknowingly grant app permissions or accept terms with privacy and account-security consequences.

Missing User Warnings

High
Confidence: 99%
Finding
The script tells the agent to automatically accept permission and agreement popups without any explicit user confirmation or warning. In the context of a consumer travel app tied to personal identity, location, contacts, storage, or notification permissions, this can silently expand data access and bind the user to legal terms unrelated to the requested task.

VirusTotal

63/63 vendors flagged this skill as clean.
