Daolv Hotel Search
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: daolv-hotel-search
Version: 0.1.0
The skill is designed for hotel search and integrates with an external MCP server. It uses a hardcoded bearer token (`mcp_171e1ffa7da343faa4ec43460c52b13f`) in `references/mcp-client-config.json` to authenticate with `https://mcp.aigohotel.com/mcp`. While this token is likely intended for skill functionality, hardcoding API keys is a security vulnerability because it exposes the credential, which could then be misused. There is no evidence of intentional malicious behavior such as data exfiltration, unauthorized execution, or prompt injection attempts against the agent, so the issue is classified as a vulnerability rather than malware.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Hotel searches may run under an embedded shared credential that the user cannot manage or revoke, and activity may be attributed to that token rather than a user-scoped account.
The skill ships a prefilled bearer credential for the remote MCP server. Registry metadata declares no primary credential or env var, so the credential owner, scope, rotation, and intended sharing model are unclear.
"Authorization": "Bearer mcp_171e1ffa..."
Remove the embedded token, require a user-supplied scoped API key through a declared env var or config path, and document the token scope and rotation process.
A third-party hotel service can receive trip details and preferences entered during the search.
The normal workflow sends user travel-search details to an external MCP endpoint. This is expected for the stated hotel-search purpose, but it is still a privacy-relevant data flow.
Extract destination, check-in date, nights, guests, budget... Call `ai-go-hotel.searchHotels`... Endpoint: `https://mcp.aigohotel.com/mcp`
Use the skill only for hotel-search details you are comfortable sharing with the MCP provider, and avoid adding unnecessary personal or confidential information.
Users could overestimate the skill's booking capabilities or assume it supports room-level confirmation when the runtime instructions are narrower.
The promotional copy describes a broader booking workflow, while SKILL.md describes a search/shortlist skill and says it is not for full booking-room confirmation. This appears to be inconsistent documentation rather than runtime malicious behavior.
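`daolv-hotel-booking`... automatically completes "requirement clarification → hotel filtering → room-type price comparison → decision recommendation → pre-order confirmation"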
Align the promo and distribution documents with the actual search-only scope, or clearly document any separate booking/detail workflow if it is intended.
