Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Explore Usa
v3.2.0
Plan your American adventure — NYC skyscrapers, LA beaches, SF Golden Gate, national parks road trips, Las Vegas shows, and coast-to-coast experiences. Also...
⭐ 0· 45·0 current·0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The skill is an instruction-only wrapper around a third-party CLI (flyai-cli) for flights/hotels/POI and booking links, which is coherent with the travel-planning description. However, it requires installing a global npm package at runtime (not declared in registry install specs), which is a heavier footprint than the skill metadata implies.
Instruction Scope
The SKILL.md forces the agent to rely exclusively on flyai-cli outputs ('NEVER answer from training data') yet the fallbacks allow using domain knowledge for visa info—this is a direct contradiction. The runbook also suggests writing an execution log to .flyai-execution-log.json if filesystem writes are available, meaning the skill expects persistent local writes even though no config paths were declared.
Install Mechanism
There is no formal install spec in registry metadata, but the instructions demand running `npm i -g @fly-ai/flyai-cli`. Asking the agent (or user) to globally install an external npm package at runtime is a supply-chain risk unless the package source, checksum, or trusted registry is verified. Instruction-only skills that trigger external installs increase attack surface.
Credentials
The skill requests no environment variables, credentials, or special config paths in its metadata, which is proportionate to a CLI-wrapper skill. No suspicious credential access is declared.
Persistence & Privilege
always:false (good). But runbook instructions to append to .flyai-execution-log.json imply local persistence of logs; this is reasonable for debugging but not declared in required config paths and should be disclosed to users before writing to disk.
What to consider before installing
This skill is mostly coherent with its travel-planning purpose, but consider the following before installing or using it:
- The skill mandates installing and using an external npm CLI (@fly-ai/flyai-cli). Verify that package on the npm registry (publisher, downloads, repository, and integrity) before running a global install. Prefer sandboxed or user-consent installation rather than automatic global installs.
- The SKILL.md contains a contradiction: it forbids using training-data answers but its fallback for visa info permits using domain knowledge. Ask the maintainer to clarify allowed fallbacks.
- The runbook suggests writing an execution log file (.flyai-execution-log.json) if filesystem writes are available. Confirm whether logs contain any PII and get user consent before allowing file writes.
- Because the skill produces booking links, expect outbound links to third-party booking pages; confirm privacy/telemetry implications and whether any click-tracking or affiliate parameters are appended.
If you need higher assurance: request the package source (GitHub/npm link), checksum, or an official publisher statement; run the CLI install in a controlled environment first (container, VM) and inspect network traffic/behavior. If you cannot verify the flyai-cli package, treat automatic installation as a blocking risk.