beach-hotel
Advisory
Audited by VirusTotal on Apr 24, 2026.
Overview
Type: OpenClaw Skill
Name: beach-hotel
Version: 3.2.0
The skill requires the AI agent to install an external NPM package (@fly-ai/flyai-cli) globally and to execute shell commands in order to function. These actions match the stated purpose of searching for flights, but automatically installing third-party software and requiring shell execution are significant supply-chain and remote-code-execution risks. The instructions are explicit in SKILL.md and references/fallbacks.md.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill could lead the agent to change your local system by globally installing external npm software before answering a travel query.
The skill directs runtime installation of an unpinned global npm package. The provided metadata says there is no install spec and no required binary, so users do not get a clear pre-install review of this dependency.
Evidence: If flyai-cli is not installed, install it first... npm i -g @fly-ai/flyai-cli
Recommendation: Require explicit user approval before installation, declare flyai as a required binary or install dependency, pin the npm package version, and document the package source/provenance.
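The recommendation above amounts to a preflight gate on the install step. The following is an added example (not code from the skill or from ClawScan) of such a gate: it accepts only an exact-version package spec, asks an approval callback that stands in for the user prompt, and only then returns the npm argv. The version numbers used in comments and tests are placeholders; the page does not state a real release of @fly-ai/flyai-cli, and whether that package needs install scripts is an open question noted in the code.

```python
import re
from typing import Callable, List

# Exact-version spec for an optionally scoped npm package, e.g. "@fly-ai/flyai-cli@1.2.3".
# Anything else (bare name, "latest", "^1.2.3", "1.x") is treated as unpinned.
_PINNED_SPEC = re.compile(
    r"^(?P<name>(?:@[a-z0-9][a-z0-9._-]*/)?[a-z0-9][a-z0-9._-]*)"
    r"@(?P<version>\d+\.\d+\.\d+(?:-[0-9A-Za-z.-]+)?)$"
)


def is_pinned_spec(spec: str) -> bool:
    """True only for name@MAJOR.MINOR.PATCH (optionally with a pre-release suffix)."""
    return _PINNED_SPEC.match(spec) is not None


def npm_install_argv(spec: str, approve: Callable[[str], bool]) -> List[str]:
    """Return the argv for a global install of `spec`, or raise.

    Refuses unpinned specs and never proceeds without an explicit yes from the
    approval callback (hypothetical stand-in for an interactive user prompt).
    """
    if not is_pinned_spec(spec):
        raise ValueError(f"refusing unpinned npm spec: {spec!r}")
    if not approve(spec):
        raise PermissionError(f"user declined installation of {spec!r}")
    # --ignore-scripts blocks pre/postinstall hooks, a common supply-chain foothold.
    # The page does not say whether flyai-cli relies on install scripts; drop the
    # flag only after reading the package's own install scripts.
    return ["npm", "i", "-g", "--ignore-scripts", spec]


if __name__ == "__main__":
    # Example run with a placeholder version and an auto-approving callback.
    print(npm_install_argv("@fly-ai/flyai-cli@1.2.3", lambda s: True))
```

The argv is meant to be passed to `subprocess.run` without a shell; pinning to an exact version does not by itself verify provenance, so the package source still needs to be documented as the recommendation says.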
Malformed or unexpected user input could cause command errors or unintended CLI behavior if an agent substitutes it unsafely.
The skill builds shell CLI commands from user-provided travel parameters. That is expected for a travel-search CLI, but the values are substituted into a quoted shell line, so a value containing a double quote or a `;` would break out of the template's quoting and run as shell syntax. Inputs should be validated and safely quoted before execution.
Evidence: flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --sort-type 2
Recommendation: Treat all route and date values as data, validate dates and city names, and never execute raw user-provided strings as shell syntax.
If the provider returns no valid booking links, the agent may repeat external CLI searches instead of stopping promptly.
The output validation tells the agent to re-run CLI commands whenever booking links or CLI-backed data are missing. This is purpose-aligned for avoiding fabricated travel results, but it should have a retry limit.
Evidence: Any NO -> re-execute from Step 2.
Recommendation: Add explicit retry limits and a clear fallback response when no valid results or booking links are available.
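The two recommendations above (treat route and date values as data; bound the re-execution loop) can be covered by one small wrapper around the CLI call. The following is an added example, not code from the skill or from ClawScan: the subcommand and flags are taken from the evidence line on this page, while the assumptions that origin/destination are 3-letter IATA codes, that dates are ISO `YYYY-MM-DD`, and that a usable result contains at least one `https://` booking link are mine. It shows the template-substitution pattern next to a hardened form that validates each value and passes an argv list to the CLI without a shell, and a retry loop that gives up after a fixed number of attempts instead of re-running indefinitely.

```python
import re
import shlex
import subprocess
from datetime import date
from typing import Callable, Dict, List, Optional

IATA_CODE = re.compile(r"^[A-Z]{3}$")         # assumption: the CLI takes IATA airport codes
ISO_DATE = re.compile(r"^\d{4}-\d{2}-\d{2}$")
BOOKING_LINK = re.compile(r"https://\S+")     # assumption: a valid result carries an https link


def validate_params(origin: str, destination: str, dep_date: str,
                    today: Optional[str] = None) -> Dict[str, str]:
    """Return normalised parameters or raise ValueError. Every value is treated as data."""
    o, d = origin.strip().upper(), destination.strip().upper()
    if not IATA_CODE.match(o) or not IATA_CODE.match(d):
        raise ValueError("origin and destination must be 3-letter IATA codes")
    if o == d:
        raise ValueError("origin and destination must differ")
    if not ISO_DATE.match(dep_date):
        raise ValueError("departure date must be YYYY-MM-DD")
    parsed = date.fromisoformat(dep_date)      # also rejects impossible dates like 2026-02-30
    now = date.fromisoformat(today) if today else date.today()
    if parsed < now:
        raise ValueError("departure date is in the past")
    return {"origin": o, "destination": d, "dep_date": parsed.isoformat()}


def unsafe_template(o: str, d: str, dep_date: str) -> str:
    """The pattern from SKILL.md: raw substitution into a shell line. Kept only for contrast;
    a value such as LAX"; <cmd>; echo " escapes the quotes and runs <cmd>."""
    return f'flyai search-flight --origin "{o}" --destination "{d}" --dep-date {dep_date} --sort-type 2'


def build_argv(params: Dict[str, str]) -> List[str]:
    """Hardened form: an argv list for subprocess, so no shell ever parses the values."""
    return ["flyai", "search-flight",
            "--origin", params["origin"],
            "--destination", params["destination"],
            "--dep-date", params["dep_date"],
            "--sort-type", "2"]


def shell_line(params: Dict[str, str]) -> str:
    """If a single shell string is unavoidable (logging, or an agent that only emits shell),
    quote every argument instead of pasting it into a template."""
    return shlex.join(build_argv(params))


def search_with_limit(argv: List[str], run: Callable[[List[str]], str],
                      max_attempts: int = 3) -> Optional[str]:
    """Re-run the CLI only while the output has no booking link, at most max_attempts times.
    Returns the output that contained a link, or None so the caller can say so honestly
    rather than fabricating results or looping on the provider."""
    for _ in range(max_attempts):
        out = run(argv)
        if BOOKING_LINK.search(out):
            return out
    return None


def run_cli(argv: List[str]) -> str:
    """Real runner: no shell=True, output captured as text."""
    return subprocess.run(argv, capture_output=True, text=True, check=False).stdout


if __name__ == "__main__":
    params = validate_params("LAX", "CDG", "2026-06-01")
    result = search_with_limit(build_argv(params), run_cli)
    print(result if result else "No booking links were returned after 3 attempts.")
```

The validation step rejects the injection case before any command exists, so the quoting question never arises for hostile input; `shlex.join` is a second line of defence for the cases where a shell string is still needed. A `None` from `search_with_limit` is the explicit fallback the recommendation asks for: the agent reports that no booking links were found instead of re-executing from Step 2 again.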
