Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Explore Bali
v3.2.0
Plan your Bali dream trip — Ubud rice terraces, Seminyak beach clubs, Uluwatu temple sunsets, Nusa Penida cliffs, and spiritual yoga retreats. Also supports:...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description (Bali trip planning) aligns with the instructions: the SKILL.md consistently directs the agent to use the flyai CLI to search flights, hotels, and POIs and produce booking links. Nothing in the files requests unrelated credentials, binaries, or system access that would be out of scope for travel planning.
Instruction Scope
The SKILL.md enforces strict runtime rules: the agent must only use flyai CLI outputs (never training data), must install the CLI if missing, and must include a [Book]({detailUrl}) link for every result. It also documents an internal execution log schema and suggests appending logs to .flyai-execution-log.json if file-system writes are available. These behaviors are coherent with the skill’s purpose but are operational constraints you should be aware of (possible local log writes and hard dependency on the CLI).
Install Mechanism
No formal install spec is embedded in the package (instruction-only), but the runtime instructions require running npm i -g @fly-ai/flyai-cli. Installing a global npm package is reasonable for a CLI-based skill, but it carries the usual trust/risk posture of running third-party npm packages (ensure the package is from a legitimate source before installing).
Credentials
The skill requests no environment variables, no credentials, and no config paths. All required inputs are user-provided parameters for the flyai CLI. This is proportionate to a travel-booking skill.
Persistence & Privilege
The skill is not always-enabled and uses normal autonomous invocation settings. The runbook suggests persisting an execution log (appending to .flyai-execution-log.json) if file writes are available; this is reasonable for auditing but will create files in the working directory and could contain user queries/parameters. No other elevated privileges or cross-skill config modifications are requested.
Assessment
This skill appears to do what it says: it wraps the flyai CLI to fetch real-time travel results and booking links. Before installing or using it:
(1) Verify the provenance of the flyai CLI package on npm (confirm it's the official @fly-ai package or from a trusted publisher) because the skill instructs you to run npm i -g;
(2) Be aware the skill may write an execution log (.flyai-execution-log.json) to the current working directory if filesystem writes are available — review those logs if you care about local persistence of query data;
(3) The agent will refuse to answer from its training data and will only return CLI-sourced outputs, so expect failures if you cannot install or run the CLI or if network access is restricted;
(4) If you want to reduce risk, install and test the flyai CLI in a controlled environment (container or VM) before granting it to your agent.
If you need me to, I can list specific checks to verify the flyai CLI package (npm publisher, homepage, source repo) or summarize what the CLI likely calls over the network.
Like a lobster shell, security has layers — review code before you run it.
