Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Student Flights
v3.2.0Find student-friendly flight deals — budget airlines, off-peak departures, and money-saving strategies specifically designed for young and student travelers....
⭐ 0· 40·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill's declared purpose (student-friendly flight deals) matches the CLI-based workflow described: all runtime actions are calls to a 'flyai' CLI to retrieve live pricing. However the SKILL.md claims 'Powered by Fliggy (Alibaba Group)' while the package name used is '@fly-ai/flyai-cli' with no homepage or source listed — provenance is missing and should be verified. Requiring a third-party CLI is plausible, but the absence of a trustworthy upstream link or repo is a concern.
Instruction Scope
Instructions mandate the agent must install and use the flyai CLI for every answer, forbid using training data, and require writing every result with specific links. The runbook requires creating an internal execution log and suggests writing it to .flyai-execution-log.json if filesystem writes are available (this will persist user queries and CLI call metadata locally). The SKILL.md also instructs automatic installation (step 0), including escalating to 'sudo' if the initial install fails. Requiring automatic installs and writing logs broadens scope beyond simple read-only queries.
Install Mechanism
There is no formal install spec in the registry entry; instead the instructions tell the agent to run 'npm i -g @fly-ai/flyai-cli' if the CLI is missing, and to retry with sudo on failure. A global npm install is moderate-to-high risk: it executes code from the npm registry (potential postinstall scripts), modifies system-wide state, and may require elevated privileges. The skill gives the agent permission to perform that install automatically, which increases risk unless the package provenance is audited.
Credentials
The skill does not request environment variables, credentials, or config paths. No unrelated secrets are asked for in the manifest or SKILL.md.
Persistence & Privilege
The skill does not request 'always:true' but it does request local persistence: the runbook instructs logging each request and, if filesystem writes are available, appending to .flyai-execution-log.json. That creates persistent local records containing raw user queries and CLI call metadata. Combined with the instruction to install a global npm package (with optional sudo), this gives the skill the ability to change system state and persist potentially sensitive user content — user consent and sandboxing should be considered.
What to consider before installing
This skill plausibly implements live flight searches, but proceed carefully. Key things to consider before installing or enabling it:
- Package provenance: the SKILL.md tells the agent to install '@fly-ai/flyai-cli' from npm but the skill listing has no homepage or source repo. Verify the npm package author, repository URL, and recent package contents (look for postinstall scripts) before installing.
- Automatic global installs are risky: 'npm i -g' can run arbitrary code and may require sudo. Prefer to install and audit the CLI manually in a controlled environment or container rather than allowing the agent to install it automatically.
- Persistent logs: the skill will create/append .flyai-execution-log.json containing raw user queries and CLI call metadata. If you care about privacy, either disable log persistence, inspect the logging implementation first, or run the skill in an isolated workspace where logs can't leak.
- Confirm the 'Powered by Fliggy' claim: ask the skill author for the integration details or the upstream repo to ensure the data source is legitimate.
- Operational safety: run the CLI in a sandbox/container with restricted network and filesystem access and monitor any sudo prompts and network calls made during install.
If you cannot verify the npm package and repository, or you cannot run the CLI in an isolated environment, avoid enabling the skill or allow it to auto-install software on your machine.Like a lobster shell, security has layers — review code before you run it.
latestvk970es7d5srn7eescm4x8p2s6584n0ja
License
MIT-0
Free to use, modify, and redistribute. No attribution required.