Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Southeast Asia
v3.2.0
Explore the diversity of Southeast Asia — Vietnam's street food, Cambodia's Angkor Wat, Indonesia's Bali, Philippines' islands, and Malaysia's culture. Also...
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims travel search & booking powered by Fliggy and instructs the agent to use a flyai CLI — that is consistent in principle. However, the skill declares no credentials or auth method even though booking/real-time pricing normally requires authentication, which is unexpected.
Instruction Scope
SKILL.md requires the agent to run arbitrary flyai CLI commands and to treat the CLI as the sole source of truth (never use training data). It also mandates re-executing until every result contains a [Book](...) link and references writing an internal execution log. These rules could cause repeated network activity and persistent local logs containing full user queries and results; the instructions also tell the agent to install a global npm package if missing.
Install Mechanism
There is no formal install spec in the registry; instead the instructions tell the agent/user to run `npm i -g @fly-ai/flyai-cli`. Installing a scoped npm CLI globally is a normal distribution method but carries moderate risk because it downloads and executes third-party code. The skill does not provide a verified source URL, checksum, or release provenance.
Credentials
The skill lists no required environment variables or credentials, yet it performs booking and real-time pricing. That suggests implicit auth handled by the CLI (e.g., local config, interactive login, or stored tokens). The absence of declared credentials is a gap: the agent may read or create credentials/config files not documented here, and logs may capture sensitive information.
Persistence & Privilege
always:false (normal). The runbook suggests appending an internal execution log file (`.flyai-execution-log.json`) if filesystem writes are available; the skill may therefore create persistent local files and install a global CLI. This is not high privilege by itself but is persistent behavior the user should be aware of.
What to consider before installing
This skill could genuinely be a Fliggy-powered travel helper, but it requires you to trust and possibly install a third-party npm CLI and allows the agent to create local logs. Before installing or running it:
1) verify the npm package @fly-ai/flyai-cli on the npm registry (publisher, README, downloads, recent versions);
2) run the CLI manually yourself first to see its auth flow and what it stores;
3) check whether it writes tokens/config files and where;
4) avoid sending sensitive personal data until you confirm what is logged;
5) consider running the CLI in a sandbox or VM and disabling autonomous skill invocation if you don't want the agent to execute installs or create persistent logs automatically.
Like a lobster shell, security has layers — review code before you run it.
