anniversary-flight
Advisory
Audited by VirusTotal on Apr 24, 2026.
Overview
Type: OpenClaw Skill
Name: anniversary-flight
Version: 3.2.0

The skill contains a shell injection vulnerability in SKILL.md and references/playbooks.md, as user-provided parameters are passed directly into shell commands without sanitization. It also mandates the global installation of an external NPM package (@fly-ai/flyai-cli) in SKILL.md and references/fallbacks.md, which is a high-privilege operation. While these actions appear intended to facilitate flight searches, the lack of input validation and the requirement for global software installation pose significant security risks.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may pull and install third-party code onto the user's machine before performing a flight search.
The skill requires installing an external npm package globally, with no version pin and no install spec or reviewed package contents included in the artifacts.
Quoted from the skill: "npm i -g @fly-ai/flyai-cli"
Require explicit user approval before installation, pin the package version, declare the binary/install requirement in metadata, and provide provenance or reviewable code for the CLI dependency.

A normal travel query could cause the agent to modify the local environment and run newly installed software without a clear confirmation step.
The instructions make installation and subsequent CLI execution mandatory rather than user-confirmed, creating an install-to-run flow for external code.
Quoted from the skill: "If flyai-cli is not installed, install it first. Do NOT skip to a knowledge-based answer."
Change the workflow to ask the user before installing or running new software, and provide a safe fallback when the CLI is unavailable.

Your travel preferences may be shared with the external flight-search provider as part of the search.
The skill relies on a third-party travel provider via the flyai CLI, so user travel search details such as origin, destination, and dates are likely sent to that provider.
Quoted from the skill: "powered by Fliggy (Alibaba Group)"
Only use the skill if you are comfortable sending the requested travel details to the flyai/Fliggy service, and avoid entering unnecessary personal information.
