Currency
v2.0.0Your personal Currency assistant. Track, analyze, and manage all your travel planning needs from the command line.
⭐ 0· 196·0 current·0 all-time
byBytesAgain2@ckchzh
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (travel planning, offline CLI) align with the included script: commands for planning, search, booking, packing lists, convert, weather, route, etc. Nothing requested (no env vars, no external binaries) appears out of scope for an offline command-line travel assistant.
Instruction Scope
SKILL.md instructs local CLI usage and the script follows that: it reads and writes only to $HOME/.local/share/currency and uses standard utilities (grep, tail, wc, du). It logs all user inputs and activity timestamps; this is expected for an offline journaling tool but is a privacy consideration because arbitrary user input (including secrets if entered) will be persisted.
Install Mechanism
No install spec included — instruction-only + bundled shell script. No downloads or package installs are performed. Risk from install mechanism is low based on provided files.
Credentials
The skill declares no required environment variables or credentials and the script only relies on HOME (to create a data directory). No unrelated credentials or config paths are requested.
Persistence & Privilege
The skill persists data to ~/.local/share/currency and appends user inputs to .log files and a history.log. This is expected behavior, but users should be aware the skill will retain whatever they type. The skill is not marked always:true and does not request elevated system privileges.
Assessment
This skill appears to be a local, offline CLI travel assistant that stores activity under ~/.local/share/currency and does not request credentials or perform network calls in the visible code. Before installing: (1) review the entire scripts/script.sh (the provided snippet was truncated) to confirm there are no hidden network calls or other unexpected actions; (2) be cautious about entering sensitive data (passwords, credit card numbers, API keys) because all inputs are logged to disk; (3) consider setting strict file permissions on the data directory (chmod 700 ~/.local/share/currency) or running the tool in a sandbox/container if you want extra isolation; (4) if you need stronger assurance, ask the author for the full source or a reproducible build and verify no network calls are made.Like a lobster shell, security has layers — review code before you run it.
latestvk975s6h0cdyxmph4g61pasvthn8313fe
License
MIT-0
Free to use, modify, and redistribute. No attribution required.