afternoon-flight
Advisory
Audited by VirusTotal on Apr 24, 2026.
Overview
Type: OpenClaw Skill
Name: afternoon-flight
Version: 3.2.0
The skill bundle's instructions in SKILL.md and references/fallbacks.md direct the AI agent to automatically perform a global installation of an external NPM package (@fly-ai/flyai-cli) if the command is missing. While this is intended to ensure the flight-booking tool functions correctly, auto-installing software with global privileges is a significant security risk and a potential vector for supply chain attacks or remote code execution (RCE). No explicit evidence of malicious intent, such as data exfiltration or backdoors, was found, but the automated installation of unverified third-party code is high-risk behavior.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A normal flight-search request could cause the agent to install third-party software globally on the user’s machine before returning results.
The skill is listed as instruction-only with no install spec, but its mandatory workflow installs an unpinned global npm package at runtime. Global npm installs can modify the local environment and may run package lifecycle code.
If flyai-cli is not installed, install it first... npm i -g @fly-ai/flyai-cli
Require explicit user approval before installation, pin the package/version, document the dependency in the install spec, and prefer a local or sandboxed install path.
The agent may run CLI options or commands that are not clearly within the main parameter contract, causing unexpected failures or broader provider queries.
The instructions restrict the agent to listed parameters, but the playbook uses an unlisted flag. Other reference files also mention additional flags and a keyword-search command, making the tool boundary less clear.
NEVER invent CLI parameters. Only use parameters listed in the Parameters Table below... flyai search-flight ... --journey-type 1 --sort-type 2
Make the allowed command and parameter list consistent across all files, and validate user-supplied values before constructing shell commands.
