Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Budget Trip Planner

v1.0.1

Plan amazing trips on a tight budget — cheapest flights, budget hotels, free attractions, and money-saving hacks for every aspect of travel. Also supports: f...

0· 33·0 current·0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The name and description describe a budget trip planner, and all runtime instructions consistently call the flyai CLI for flight, hotel and POI searches; the required capabilities align with the stated purpose. No unrelated credentials or binaries are requested.
Instruction Scope
SKILL.md strictly requires that all data come from the flyai CLI and gives detailed command/parameter tables and output templates, which is coherent. However, the runbook instructs the agent to create and persist an execution log that includes the raw user_query and the steps taken; that retains user input, which is outside "just querying a service" and should be treated as scope creep and privacy-sensitive.
Install Mechanism
The skill is instruction-only (no install spec) but mandates installing an external npm package globally: npm i -g @fly-ai/flyai-cli. Installing a global npm CLI is a reasonable way to use a third-party service, but it is a supply-chain risk: the package, including any install-time lifecycle scripts it declares, will run code on the host, so it should be reviewed first or installed in a sandbox.
Credentials
The skill requests no environment variables or credentials in its metadata, which is proportionate. Still, the runbook log stores user_query and details of CLI calls; this data-collection behavior is not signaled by requires.env and should be weighed before sharing sensitive queries.
Persistence & Privilege
always:false (good), but the runbook explicitly suggests appending an execution log to .flyai-execution-log.json if file writes are available. Persisting raw user queries and CLI commands on disk is a lasting data footprint and a privacy risk; this persistent behavior is not prominent in the high-level description and deserves user scrutiny.
What to consider before installing
This skill is essentially a wrapper around the third-party flyai CLI and behaves consistently with that purpose, but take two precautions before installing:
1) Review the @fly-ai/flyai-cli package yourself (source, maintainer, permissions) or run it in a restricted or sandboxed environment; a global npm install can run arbitrary code on the host.
2) Be aware that the skill's runbook suggests writing an execution log containing your raw queries and CLI calls to .flyai-execution-log.json; if that persistence is unacceptable, do not install, or ensure the agent cannot write files.
Also note that the SKILL.md version string differs from the registry version (a minor metadata inconsistency). If you need higher assurance, ask the publisher for the flyai-cli source link or a signed release, and confirm whether flyai transmits booking/search data to third-party services (Fliggy/Alibaba) and what user data it collects.
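The following is an added example, not code from ClawHub, OpenClaw or the flyai skill, showing how a practitioner can apply both precautions locally before installing: audit an npm manifest for install-time code execution and global binaries (the supply-chain concern in the Install Mechanism finding), and scan a SKILL.md runbook for instructions that persist user data to a file (the concern in the Persistence finding). The manifest and runbook excerpt are constructed stand-ins with a hypothetical package name, not the real @fly-ai/flyai-cli manifest or the real SKILL.md; in practice the manifest comes from `npm pack <pkg>` and the runbook from the skill's own SKILL.md.

```javascript
// Added example (not ClawHub/OpenClaw/flyai code): local pre-install audit of
// an npm manifest and a skill runbook. Sample inputs below are constructed.

// npm lifecycle hooks that execute arbitrary code during `npm install`.
const LIFECYCLE_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

function auditManifest(pkg) {
  const findings = [];
  const scripts = pkg.scripts || {};
  for (const hook of LIFECYCLE_HOOKS) {
    if (Object.prototype.hasOwnProperty.call(scripts, hook)) {
      findings.push({ severity: "high", kind: "lifecycle-script", detail: `${hook}: ${scripts[hook]}` });
    }
  }
  // `bin` entries become commands on PATH after `npm i -g`.
  const bins = typeof pkg.bin === "string" ? { [pkg.name]: pkg.bin } : (pkg.bin || {});
  for (const [cmd, target] of Object.entries(bins)) {
    findings.push({ severity: "info", kind: "global-binary", detail: `${cmd} -> ${target}` });
  }
  // Direct dependencies widen the transitive attack surface.
  const deps = Object.keys(pkg.dependencies || {});
  if (deps.length) {
    findings.push({ severity: "info", kind: "transitive-surface", detail: `${deps.length} direct dependencies: ${deps.join(", ")}` });
  }
  return findings;
}

// Verbs a runbook uses when telling the agent to write to disk, a file-name
// pattern for the target, and fields whose persistence is privacy-sensitive.
const WRITE_PATTERNS = [/\bappend(?:ing)?\b/i, /\bwrite(?:s|ing)?\b/i, /\bpersist(?:s|ing)?\b/i, /\bsave(?:s|ing)?\b/i];
const FILE_TARGET = /\S+\.(?:json|log|txt|md)\b/;
const SENSITIVE_FIELDS = ["user_query", "command", "api_key", "token"];

function auditRunbook(markdown) {
  const findings = [];
  markdown.split(/\r?\n/).forEach((line, idx) => {
    const target = line.match(FILE_TARGET);
    if (!target || !WRITE_PATTERNS.some((re) => re.test(line))) return;
    const fields = SENSITIVE_FIELDS.filter((f) => line.includes(f));
    findings.push({ severity: fields.length ? "high" : "medium", kind: "file-write", line: idx + 1, target: target[0], fields });
  });
  return findings;
}

// Install command for a reviewed package: pin the exact version and disable
// lifecycle scripts. This blocks install-time hooks only; the CLI's own code
// still runs with your privileges whenever the agent invokes it, so use a
// container or a dedicated low-privilege user if the manifest audit is not clean.
function installCommand(name, version) {
  return `npm install -g --ignore-scripts ${name}@${version}`;
}

// --- constructed sample inputs (hypothetical package, paraphrased runbook) ---
const SAMPLE_MANIFEST = {
  name: "example-travel-cli", // hypothetical name, not @fly-ai/flyai-cli
  version: "0.0.1",
  bin: { travel: "./bin/cli.js" },
  scripts: { postinstall: "node scripts/fetch-extra.js", test: "mocha" },
  dependencies: { "node-fetch": "^3.0.0", yargs: "^17.0.0" },
};

const SAMPLE_RUNBOOK = [
  "## Runbook",
  "1. Run the CLI search and render the output template.",
  "2. If file writes are available, append an entry with user_query and the CLI command to .flyai-execution-log.json.",
  "3. Never read credentials from the environment.",
].join("\n");

function runAudit() {
  return {
    manifest: auditManifest(SAMPLE_MANIFEST),
    runbook: auditRunbook(SAMPLE_RUNBOOK),
    install: installCommand(SAMPLE_MANIFEST.name, SAMPLE_MANIFEST.version),
  };
}

if (typeof require !== "undefined" && require.main === module) {
  console.log(JSON.stringify(runAudit(), null, 2));
}
```

On the constructed inputs the manifest audit reports one high-severity postinstall hook plus the global binary and dependency count, and the runbook audit flags line 3 as a high-severity file write because it names both user_query and the CLI command. A "clean" manifest audit is not a green light on its own: pair it with reading the packed tarball and, per the scan's advice, running the CLI in a sandbox.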


latest: vk979ms7w9bg53b8byfeqz3kphh8431f8
