amadeus-hotels

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill processes untrusted hotel descriptions and metadata from the Amadeus API, creating a surface for indirect prompt injection attacks where malicious data could influence agent reasoning.
      • Ingestion points: scripts/details.py (lines 78, 114), scripts/offers.py (line 120), and scripts/search.py (line 104) all process external strings from API responses.
      • Boundary markers: None used; API content is interpolated directly into agent-facing outputs.
      • Capability inventory: The skill is limited to HTTP network requests and writing to its own local state/ directory; it lacks dangerous capabilities like shell execution or arbitrary file modification.
      • Sanitization: No sanitization or escaping of external content is performed.
  • [DATA_EXFILTRATION] (LOW): The skill performs network operations to api.amadeus.com and test.api.amadeus.com, which are required for functionality but not included in the predefined whitelist of trusted domains.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill requires the requests library via pip, which is a standard and verifiable third-party dependency.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 11:58 PM