VariflightAviation

v1.0.4

航班信息查询 Skill（飞常准官方 MCP）- 实时航班动态、航线搜索、舒适度评估、机场天气、中转规划、实时定位

⭐ 1· 846·3 current·3 all-time

byLance@lancenas·duplicate of @lancenas/variflight-aviation (1.0.4)·canonical: @lancenas/variflight-aviation-skill

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for lancenas/variflight-aviation.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "VariflightAviation" (lancenas/variflight-aviation) from ClawHub.
Skill page: https://clawhub.ai/lancenas/variflight-aviation
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required env vars: X_VARIFLIGHT_KEY
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Canonical install target

openclaw skills install lancenas/variflight-aviation

ClawHub CLI

Package manager switcher

npx clawhub@latest install variflight-aviation

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Benign

medium confidence

✓

Purpose & Capability

Name/description (flight data, MCP integration) match the code and SKILL.md. The skill only asks for a VariFlight API key (X_VARIFLIGHT_KEY or VARIFLIGHT_API_KEY) and uses Node/npx to run the @variflight-ai/variflight-mcp MCP server — all of which are coherent for its stated purpose.

ℹ

Instruction Scope

SKILL.md instructs the user to provide an API key via config.local.json or X_VARIFLIGHT_KEY and to use npx to run @variflight-ai/variflight-mcp. The runtime instructions and code read the local config and environment and spawn an npx process, then communicate with that MCP over stdio. The skill requests network, env-read and file-read permissions which align with its behavior. Note: SKILL.md contained a prompt-injection detection (unicode-control-chars) — likely formatting but worth checking the raw file for hidden/control characters.

ℹ

Install Mechanism

No install spec in registry, but the code dynamically invokes npx -y @variflight-ai/variflight-mcp at runtime (MCPServerManager and Stdio transport). This means the remote npm package will be downloaded and executed on first run — expected for an MCP-style skill but higher-risk than pure instruction-only skills. The package comes from the npm registry (no arbitrary URL downloads observed).

✓

Credentials

Only the VariFlight API key (X_VARIFLIGHT_KEY / VARIFLIGHT_API_KEY) is required and is justified by the skill's interactions with VariFlight's MCP. The skill reads config.local.json if present and process.env; it does not request unrelated credentials or system secrets in the manifest.

✓

Persistence & Privilege

The skill is user-invocable, not always-enabled, and does not request elevated persistence or modify other skills. It spawns subprocesses (npx) but does not alter system-wide agent configuration beyond using local config/env as expected.

Scan Findings in Context

[unicode-control-chars] unexpected: The pre-scan detected unicode control characters in SKILL.md. This is not necessary for the skill's functionality and could be accidental formatting or an attempt to obfuscate text. Inspect the SKILL.md raw content to confirm there are no hidden instructions or invisible characters.

Assessment

This skill appears to do what it claims (a VariFlight MCP client). Before installing or running it: 1) Verify the npm package @variflight-ai/variflight-mcp on the npm registry (author, version history, and recent releases) because the skill dynamically downloads and executes that package via npx. 2) Inspect SKILL.md and included source for any unexpected hidden characters (pre-scan found unicode control chars). 3) Provide an API key only from the official VariFlight site (https://ai.variflight.com/keys) and be aware the key will be passed to the child MCP process — that process will contact VariFlight servers (expected for functionality). 4) If you need stronger assurance, pre-install and audit @variflight-ai/variflight-mcp locally and pin a known-good version, or run the skill in an isolated environment. 5) If you operate in a sensitive environment, review network egress logs and the MCP package source before granting network access.

✗

src/lib/mcp-server-manager.js:17

Shell command execution detected (child_process).

Patterns worth reviewing

These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

✈️ Clawdis

OSmacOS · Linux · Windows

Environment variables

X_VARIFLIGHT_KEYrequired

latestvk97651wrggt1zqy0fyrkep93zh838gkm

846downloads

1stars

5versions

Updated 1h ago

v1.0.4

MIT-0

macOS, Linux, Windows

功能概述

本 Skill 接入飞常准（VariFlight）官方 MCP 服务，提供国内外航班全量数据查询。无需 Python/uvx，通过 npx 按需启动 MCP 服务器。

数据来源：飞常准是中国最大的航班数据服务商，覆盖国内外全量航班，含实时动态、准点率历史、飞机实时位置、舒适度指数等。

配置说明

方法 1：本地配置文件（推荐）

创建 config.local.json（已加入 .gitignore）：

{
  "apiKey": "your_variflight_key_here"
}

方法 2：环境变量

export X_VARIFLIGHT_KEY="your_variflight_key_here"

前往 https://ai.variflight.com/keys 注册免费账号获取 Key（注册即赠 50 元体验额度）。

可用命令

1. info - 航班详情查询

@variflight-aviation info <fnum> [date]

按航班号查询详细信息：出发/到达时间、延误、机型、准点率、值机柜台、行李转盘等。

示例：

@variflight-aviation info CA1501
@variflight-aviation info CA1501 2026-03-17

2. search - 航班搜索

@variflight-aviation search <dep> <arr> [date]

查询两机场之间的所有航班。支持机场三字码（PEK）或城市三字码（BJS）。

示例：

@variflight-aviation search PEK SHA
@variflight-aviation search SZX PEK 2026-03-17

3. track - 实时航班追踪

@variflight-aviation track <fnum> [date]

查询航班今日实时状态（起降时间、延误、飞行阶段），并尝试获取飞机实时经纬度位置。

示例：

@variflight-aviation track CA1501

4. comfort - 乘机舒适度评估

@variflight-aviation comfort <fnum> [date]

获取飞常准「飞行幸福指数」，涵盖机型、座椅、餐食、准点率等综合评分。

示例：

@variflight-aviation comfort CA1501
@variflight-aviation comfort MU2157 2026-03-17

5. weather - 机场天气

@variflight-aviation weather <airport>

查询机场未来3天天气预报（今日/明日/后日），数据来自飞常准气象服务。

示例：

@variflight-aviation weather PEK
@variflight-aviation weather SHA

6. transfer - 中转方案规划

@variflight-aviation transfer <dep> <arr> [date]

查询两城市间的中转航班方案，推荐使用城市三字码。

示例：

@variflight-aviation transfer BJS LAX 2026-03-17
@variflight-aviation transfer SHA LHR

常用代码对照

城市/机场	机场代码	城市代码
北京首都	PEK	BJS
北京大兴	PKX	BJS
上海虹桥	SHA	SHA
上海浦东	PVG	SHA
广州白云	CAN	CAN
深圳宝安	SZX	SZX
成都天府	TFU	CTU
香港	HKG	HKG
东京成田	NRT	TYO
新加坡	SIN	SIN
伦敦希思罗	LHR	LON
纽约肯尼迪	JFK	NYC
洛杉矶	LAX	LAX

飞常准 MCP 工具对照

命令	飞常准 MCP 工具
`info`	`searchFlightsByNumber`
`search`	`searchFlightsByDepArr`
`track`	`searchFlightsByNumber` + `getRealtimeLocationByAnum`
`comfort`	`flightHappinessIndex`
`weather`	`getFutureWeatherByAirport`
`transfer`	`getFlightTransferInfo`

故障排除

错误：API Key 未配置

解决：在 config.local.json 中设置 apiKey，前往 https://ai.variflight.com/keys 获取

错误：npx 命令找不到

解决：确认已安装 Node.js（node -v），npx 随 npm 一同安装

首次运行较慢

原因：npx 首次自动下载 @variflight-ai/variflight-mcp 包
解决：手动预下载：npx -y @variflight-ai/variflight-mcp

许可证

Comments

Loading comments...

VariflightAviation

Install

Install with OpenClaw

CLI Commands

Runtime requirements

功能概述

配置说明

方法 1：本地配置文件（推荐）

方法 2：环境变量

可用命令

1. info - 航班详情查询

2. search - 航班搜索

3. track - 实时航班追踪

4. comfort - 乘机舒适度评估

5. weather - 机场天气

6. transfer - 中转方案规划

常用代码对照

飞常准 MCP 工具对照

故障排除

错误：API Key 未配置

错误：npx 命令找不到

首次运行较慢

相关链接

许可证

Comments