Back to plugin

Security audit

Expedia Travel

Security checks across malware telemetry and agentic risk

Overview

This Expedia travel plugin behaves like a disclosed travel-search and email verification integration, with no artifact-backed evidence of hidden or destructive behavior.

Install this only if you are comfortable sharing travel searches and your email address with Expedia's adapter service. The plugin saves a local token for future searches and may automatically send a fresh verification code to the saved email when access expires; remove ~/.oc/credentials/eg-travel.json to clear that local credential.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • System Prompt LeakageDirect Leakage, Indirect Extraction, Tool-Based Exfiltration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
1. **Tell the user what happened, briefly:** *"Your EG Travel access expired because you haven't searched in a while. I'll send a fresh code to **{email}** — paste the 6 digits back here."*

   The email is available from the tool's error context (look for `details.contact`) or from the cached credential file. Do NOT ask the user "what was your email again?"

2. **Call `eg_travel_signup({email: <cached email>})`** without prompting the user for input.
Confidence
88% confidence
Finding
Do NOT ask the user

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
| Error code | What to tell the user |
|------------|----------------------|
| `unauthorized` | If a credential exists locally (the plugin will surface a cached contact), treat this as **token expired** and run the re-authentication flow above. If no credential exists, run the first-time setup flow. |
| `token_expired` | Run the **re-authentication** flow — do NOT ask the user for their contact, it's already cached. |
| `missing_field` | Ask for the missing field by name. |
| `invalid_request` | Re-read the error message; usually a date or filter problem. Fix and retry. |
| `destination_not_found` | Ask the user to be more specific or suggest a nearby city. |
Confidence
85% confidence
Finding
do NOT ask the user

Direct Prompt Extraction

High
Category
System Prompt Leakage
Content
> **The Ludlow Hotel**: **$425 USD/night** for the room base rate (×5 nights = US$2,125 base only; the all-in Total including taxes and fees is the figure shown above).

Do NOT volunteer the per-night rate without an explicit user request, even if their original query was framed in per-night terms ("hotels under $350/night"). That framing is a filter expression, not a display directive.

---
Confidence
85% confidence
Finding
display directive

VirusTotal

59/59 vendors flagged this plugin as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.