Security audit

Hotel Search & Compare — Fliggy MCP

Security checks across malware telemetry and agentic risk

Overview

This is a coherent hotel-search helper that uses a third-party FlyAI/Fliggy CLI and does not show hidden or destructive behavior.

Install this only if you trust the FlyAI CLI and are comfortable sending hotel destinations, dates, budgets, and filters to the FlyAI/Fliggy service. Treat any API key as a secret, and verify booking details on the provider page before paying.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger regexes are very broad and match common hotel-related phrasing such as generic search, booking, comparison, nearby, and budget requests in both English and Chinese. In an agent ecosystem, this can cause over-selection of this skill for ambiguous requests, leading to unintended tool invocation, unnecessary external data access, and possible routing away from more appropriate or safer skills.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.