Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Find Night Shopping — Night Markets, Evening Bazaars, Late-Night Stalls & Street Vendors

v3.2.0

Find night markets, food streets, and local culinary hotspots. Discover street food, local specialties, and the best evening food experiences. Also supports:...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto: Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal
Suspicious
View report →
OpenClaw
Suspicious
medium confidence
! Purpose & Capability
The description claims broad travel/booking capabilities and explicitly says "powered by Fliggy (Alibaba Group)", but the runtime instructions require an unrelated CLI named flyai (npm package @fly-ai/flyai-cli). Nothing ties flyai to Fliggy or shows how the booking/payment integration works, and no credentials or API tokens are requested despite the claimed booking functionality. The mismatch between branding, claimed capabilities, and the actual tool is incoherent.
! Instruction Scope
Runtime instructions force the agent to rely exclusively on the flyai CLI for all answers ("NEVER answer from training data") and require installing a global npm package if the CLI is missing. The runbook describes appending an execution log (.flyai-execution-log.json) containing the raw user query and the CLI commands run, i.e. the skill can persist user inputs to local disk. The instructions also demand re-execution until every result includes a booking link, which can cause repeated CLI invocations and network activity. No explicit data-exfiltration endpoint appears, but the local logging and the retry loop are notable scope and persistence behaviours.
! Install Mechanism
There is no platform-level install spec, but SKILL.md mandates running npm i -g @fly-ai/flyai-cli (a global install from the public npm registry). Installing an unverified global CLI is moderate-to-high risk: it places binaries on the PATH for every user and its install-time scripts run arbitrary code with the installing user's privileges. The skill metadata gives no provenance or trust information for the package, yet the instructions treat the install as mandatory for any response.
Credentials
The skill requires no environment variables or credentials, which reduces credential-exfiltration risk. However, since the description advertises booking- and payment-capable services (and references Fliggy), the absence of any credential requirement is surprising: either booking is delegated entirely to the flyai CLI (opaque to the agent) or the booking claims are marketing only. This inconsistency is worth verifying.
Persistence & Privilege
always is set to false (good). But the runbook explicitly documents writing execution logs to .flyai-execution-log.json whenever filesystem writes are available, capturing raw user queries and CLI calls. This is local persistence of user data; users should be told that the skill may create or append to such a file. Autonomous invocation is allowed by default, but it is not combined with always:true or with requested credentials.
What to consider before installing
Before installing or enabling this skill, consider the following:
(1) The skill requires installing a global npm package (@fly-ai/flyai-cli) from the public registry. Verify the package owner, source code, and reputation on npm/GitHub before running npm i -g; a global CLI install executes the package's install-time scripts as your user and adds system-wide binaries.
(2) SKILL.md claims "Powered by Fliggy" but the runtime tool is flyai. Ask the publisher to clarify the relationship and how booking/payment flows actually work (are external accounts or tokens needed?).
(3) The runbook may write a local log file (.flyai-execution-log.json) containing the raw user query and CLI commands. Confirm you accept that local persistence and know where the file will be stored.
(4) Because the agent is forced to re-run CLI calls until booking links appear, expect repeated network activity; run the CLI in a sandbox or review its network behaviour first.
If you cannot verify the flyai CLI's provenance, do not install it globally; ask the skill author for source code or an officially verifiable integration (documented API endpoints, proper OAuth/token use).
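Points (1) and (4) above, and the Install Mechanism finding, amount to a vetting step that is easy to skip when a runbook says the install is mandatory. The following Node script is an added example, not part of the ClawHub scan or of the skill: it audits an npm packument (the JSON that https://registry.npmjs.org/<package> returns) offline for the signals that matter before a global install, namely install-time lifecycle scripts, bin entries that land on the PATH, a missing repository URL, a missing provenance attestation, package age and maintainer count, and turns them into an allow / sandbox / block decision. The package name @example/untrusted-cli, its fields, the 30-day threshold and the severity mapping are all constructed assumptions for illustration; none of it is the real metadata of @fly-ai/flyai-cli.

```javascript
// Added example (not part of the ClawHub scan or of the skill): an offline audit
// of an npm "packument", the JSON that https://registry.npmjs.org/<package>
// returns, to decide whether a plain `npm i -g` is acceptable.
// The package @example/untrusted-cli and every field below are CONSTRUCTED for
// illustration; they are not the real metadata of @fly-ai/flyai-cli.

const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];
const DAY_MS = 24 * 60 * 60 * 1000;

// Collect risk signals for the version behind a dist-tag (default "latest").
// `now` is injectable so the age check is deterministic.
function auditPackument(pkg, { tag = "latest", now = Date.now(), maxAgeDays = 30 } = {}) {
  const findings = [];
  const version = pkg["dist-tags"] && pkg["dist-tags"][tag];
  const manifest = version && pkg.versions ? pkg.versions[version] : undefined;
  if (!manifest) {
    return { version: null, findings: [{ level: "high", msg: `no '${tag}' dist-tag or version metadata` }] };
  }

  // 1. Lifecycle scripts run arbitrary code at install time, as the installing user.
  const scripts = manifest.scripts || {};
  const hooks = INSTALL_HOOKS.filter((h) => h in scripts);
  if (hooks.length) {
    findings.push({ level: "high", msg: `install-time scripts: ${hooks.map((h) => `${h}="${scripts[h]}"`).join(", ")}` });
  }

  // 2. A global install puts every `bin` entry on PATH for all shells.
  let bins = [];
  if (typeof manifest.bin === "string") bins = [manifest.name.replace(/^@[^/]+\//, "")]; // unscoped name
  else if (manifest.bin) bins = Object.keys(manifest.bin);
  if (bins.length) findings.push({ level: "info", msg: `adds global binaries: ${bins.join(", ")}` });

  // 3. Without a repository URL there is nothing to diff the tarball against.
  const repo = manifest.repository && (manifest.repository.url || manifest.repository);
  if (typeof repo !== "string" || !/^(git\+)?https?:\/\//.test(repo)) {
    findings.push({ level: "medium", msg: "no verifiable repository URL" });
  }

  // 4. Without a registry provenance attestation the tarball is not tied to a build of that repo.
  if (!(manifest.dist && manifest.dist.attestations)) {
    findings.push({ level: "medium", msg: "no npm provenance attestation on the tarball" });
  }

  // 5. Young packages with a single maintainer have the least track record.
  const created = pkg.time && pkg.time.created ? Date.parse(pkg.time.created) : NaN;
  if (Number.isNaN(created)) {
    findings.push({ level: "low", msg: "no creation timestamp" });
  } else if (now - created < maxAgeDays * DAY_MS) {
    findings.push({ level: "medium", msg: `first published ${Math.floor((now - created) / DAY_MS)} days ago` });
  }
  const maintainers = Array.isArray(pkg.maintainers) ? pkg.maintainers.length : 0;
  if (maintainers < 2) findings.push({ level: "low", msg: `${maintainers} maintainer(s)` });

  return { version, findings };
}

// Map the findings to an action: "block" (read the `npm pack` tarball first, never let install
// scripts run blind), "sandbox" (throwaway prefix or container with --ignore-scripts), or "allow".
function installDecision(audit) {
  const levels = new Set(audit.findings.map((f) => f.level));
  if (levels.has("high")) return "block";
  if (levels.has("medium")) return "sandbox";
  return "allow";
}

// CONSTRUCTED sample packument for a hypothetical package (not real registry data).
const SAMPLE_PACKUMENT = {
  name: "@example/untrusted-cli",
  "dist-tags": { latest: "1.0.3" },
  time: { created: "2024-05-20T10:00:00.000Z", "1.0.3": "2024-06-01T09:30:00.000Z" },
  maintainers: [{ name: "solo-dev" }],
  versions: {
    "1.0.3": {
      name: "@example/untrusted-cli",
      version: "1.0.3",
      bin: { "untrusted-cli": "bin/cli.js" },
      scripts: { postinstall: "node scripts/setup.js" },
      dist: { tarball: "https://registry.npmjs.org/@example/untrusted-cli/-/untrusted-cli-1.0.3.tgz" },
      // deliberately no repository field and no dist.attestations
    },
  },
};

const demo = auditPackument(SAMPLE_PACKUMENT, { now: Date.parse("2024-06-10T00:00:00Z") });
for (const f of demo.findings) console.log(`[${f.level}] ${f.msg}`);
console.log(`decision for ${SAMPLE_PACKUMENT.name}@${demo.version}: ${installDecision(demo)}`);
```

To run it against the real package, fetch the packument with curl -s https://registry.npmjs.org/@fly-ai%2fflyai-cli and pass the parsed JSON to auditPackument. Whatever the verdict, npm pack @fly-ai/flyai-cli downloads the tarball without installing it so the contents can be read first, and if you still choose to install, npm i -g --ignore-scripts inside a disposable environment keeps lifecycle scripts from running on your workstation.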

Like a lobster shell, security has layers — review code before you run it.

latest: vk9774ntt6wsr3rnwn42php3r5h84sgnm

