Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Explore Europe
v3.2.0
Plan European adventures — multi-country itineraries, Schengen visa guidance, rail passes, iconic cities from Paris to Rome, fjords to Greek islands. Also su...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The description/promotional text claims booking, reservation, train-ticket purchases, and 'powered by Fliggy', but the SKILL.md only documents search commands (search-flight, search-hotel, search-poi, keyword-search) that return links; there are no booking/confirm commands or parameters shown. The skill therefore may overstate its capabilities (marketing vs actual runtime behavior).
Instruction Scope
Runtime instructions require installing and running the flyai CLI and mandate the agent use ONLY CLI output (never training data). The SKILL.md also suggests writing an execution log to disk (.flyai-execution-log.json) if file writes are available. The instructions are prescriptive and will cause the agent to perform network installs, run external binaries, and potentially persist logs — all beyond passive knowledge retrieval.
Install Mechanism
There is no formal install spec in the registry, but SKILL.md instructs global installation via `npm i -g @fly-ai/flyai-cli`. Installing an npm package globally is a moderate-to-high risk action (postinstall scripts, arbitrary code). The skill does not specify a verified source, SHA, or pinned version, and the registry metadata lists no vetted install mechanism — this is a notable risk vector.
Credentials
The skill declares no required environment variables or credentials, but the flyai CLI likely requires account credentials or local config to return real booking/pricing results. The SKILL.md does not declare or explain what account/config is required, where credentials will be stored, or whether the CLI will prompt for interactive login. This omission is disproportionate to the stated purpose and could lead to unexpected credential usage or prompts.
Persistence & Privilege
always:false (good). However, the runbook explicitly suggests persisting an execution log to `.flyai-execution-log.json` when filesystem writes are available. Persisting detailed request/response logs may expose query content and CLI output on disk; the skill does not describe log retention, location, or privacy controls.
What to consider before installing
This skill wraps a third‑party CLI (flyai-cli) and forces the agent to install and rely solely on that CLI for answers. Before installing or enabling it, verify the flyai-cli package and its publisher (look up the npm package and its GitHub repo, check maintainer reputation and postinstall scripts). Expect that the CLI may require a Fliggy/account login or local credentials even though the skill doesn't declare any env vars — plan for where those credentials would be stored. Note the skill advertises booking/reservation features but only documents search commands that return booking links; confirm whether it can actually complete purchases. Finally, avoid letting an agent run global npm installs autonomously — install and test the CLI yourself in a controlled environment first and review any logs written to `.flyai-execution-log.json` for sensitive content.
Like a lobster shell, security has layers — review code before you run it.
