birthday-trip
AdvisoryAudited by VirusTotal on Apr 24, 2026.
Overview
Type: OpenClaw Skill Name: birthday-trip Version: 3.2.0 The birthday-trip skill is a functional flight search integration designed to work with the `@fly-ai/flyai-cli` npm package. It provides the AI agent with clear instructions for environment setup, parameter collection, and command execution (e.g., `flyai search-flight`). While it requires global npm installation and shell execution, these actions are strictly aligned with the stated purpose of retrieving real-time travel data. No evidence of malicious intent, data exfiltration, or harmful prompt injection was found across the SKILL.md or reference files.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could change the local environment and run npm package installation behavior before the user has reviewed or approved the specific CLI code.
The skill instructs the agent to install a global, unpinned npm package at runtime before answering. The provided artifacts do not include the package contents, version pin, provenance, or an install spec for review.
"If flyai-cli is not installed, install it first." ... "npm i -g @fly-ai/flyai-cli"
Verify the package source before use, require explicit user approval for installation, pin a reviewed version, and declare the required binary/install mechanism in metadata.
Birthday, travel-date, destination, and other personal trip details may remain in the workspace after the task is finished.
The runbook directs the agent to log the raw user query and execution details to a persistent local file when file writes are available, but does not define retention, user consent, redaction, or a skill-scoped storage path.
"user_query": "{raw input}" ... "echo '{generation_log_json}' >> .flyai-execution-log.json"Ask before writing logs, redact raw user input, store only under a clearly scoped skill directory, and document how users can disable or delete the log.