Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Concert Event Tickets
v3.2.0
Find concerts, live performances, sports events, and festivals. Get ticket prices, seating info, and direct booking links. Also supports: flight booking, hot...
⭐ 0 · 51 · 0 current · 0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The stated purpose (find events and provide booking links) aligns with the required use of a dedicated CLI (flyai). However, the description also mentions broad travel services (flights, hotels, visa, etc.) that are not reflected in the playbooks and parameters, which suggests scope creep. The manifest declares no install spec or credentials, yet the SKILL.md requires installing a third‑party CLI — this is inconsistent with the 'no install spec' metadata.
Instruction Scope
SKILL.md forces all data to come from the flyai CLI and instructs the agent to install the CLI if absent. It also instructs creating and persisting a local execution log (.flyai-execution-log.json) containing full request data. The file write is conditional ('if file system writes are available') but is part of the runbook, so it can expose user queries and results on disk. There are also contradictory/ambiguous output rules (e.g., 'Use `detailUrl` for booking links. Never use `detailUrl`.') which could cause incorrect or unsafe behavior. The instructions do not ask to read unrelated system files or credentials, but the forced install, the logging, and the ambiguous rules raise scope and privacy concerns.
Install Mechanism
The skill is instruction-only in the registry (no install spec), yet the runtime instructions mandate running `npm i -g @fly-ai/flyai-cli`. A global npm install can modify the host environment, may require elevated privileges on some systems, and installs third‑party code without checksum or verified source. The registry should have declared an install spec or explicit provenance; absence of that metadata plus an in‑text install command is a mismatch and increases risk.
Credentials
The skill does not request environment variables or credentials, which is proportionate for a read-only search/booking tool. However, installing a global CLI and writing execution logs are actions that affect the environment and may expose user data on disk. The skill references being 'Powered by Fliggy (Alibaba Group)' but does not request any Alibaba credentials — this is not necessarily malicious, but it is a discrepancy worth verifying: does the flyai backend actually require third‑party auth?
Persistence & Privilege
The skill does not set always:true and does not request special system privileges in the manifest. However, it instructs optional persistent logging to a .flyai-execution-log.json file and enforces global installation of a CLI (npm -g), which can result in persistent system changes and may require elevated permissions. Those behaviors increase persistence/privilege impact compared with a pure instruction-only skill.
What to consider before installing
Before installing or running this skill, consider the following:
- The skill forces use of a third‑party CLI and tells the agent to run `npm i -g @fly-ai/flyai-cli`. Installing global npm packages changes your system and may require elevated privileges; verify the package name, publisher, and official source (npm registry page, GitHub repository, checksums) before installing. If you must test, run it in a disposable or sandboxed environment (container, VM).
- The SKILL.md instructs the agent to write an execution log (.flyai-execution-log.json) containing user queries and commands. If that log would be persisted on your machine, it could expose sensitive queries/ids — confirm where logs are stored and consider disabling or isolating them.
- There are contradictory/ambiguous instructions in the document (example: the line about using vs never using `detailUrl`). Ask the skill author to clarify these contradictions — ambiguous rules increase the chance of incorrect or unsafe outputs.
- The description mentions broad travel services (flights, hotels, visa info) but the playbooks only cover events/tickets. Confirm the true scope and whether additional CLI commands or credentials are required for those extra features.
- Because the registry metadata contains no install provenance or homepage, treat the package as unverified until you can confirm its origin. If you are not comfortable, do not install the CLI globally and prefer a sandboxed execution environment.
If you want, I can: (a) draft questions to ask the skill author for clarification, (b) show a minimal safe checklist for testing the CLI in a container, or (c) attempt to map all flyai CLI commands referenced so you can validate them against an upstream project page.
latest · vk976qta3cc5fcz7av93d0d457s84hhvt
