Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Flight Ticket Search (机票查询)
v1.0.0. AI flight assistant: domestic (China) flight search, fare-class lookup, booking, ticket rescheduling and refunds. Intended for use when a user asks about flights, checks ticket prices, submits a ticket order, changes a flight or requests a refund.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Scanner: OpenClaw · Verdict: Suspicious (medium confidence)
Purpose & Capability
The name and description (flight search, pricing, booking, change, refund) match the included scripts and the single network API endpoint, and the requested runtime (python3) is proportional. One minor incoherence: SKILL.md says the apiKey is saved to the user's home directory (~/.fbt_auth.json), but the code writes it to the system temp directory (tempfile.gettempdir()/.fbt_auth.json).
Instruction Scope
SKILL.md instructs the agent to run the provided scripts and warns that PII is sent to an external service (expected for booking). The implementation contradicts its own privacy guidance, however: scripts such as create_order.py print passenger name, phone and ID number to stdout (i.e., they log PII), and the code writes temporary state files (/tmp/flight_seat_items.json, /tmp/endorse_seat_items.json) containing booking data. Both behaviours expose more PII than the SKILL.md text describes.
Install Mechanism
No install spec; code is shipped as Python scripts and requires only python3. No remote downloads or package installs are performed by the skill itself.
Credentials
The skill declares no required environment variables. The code reads an optional FBT_API_URL variable that overrides the default API URL, which is reasonable, and it requests no unrelated credentials. However, the skill persists an apiKey obtained through its auth flow: skill.json declares no 'primary credential', and neither SKILL.md nor skill.json describes the persistence clearly (the documented ~/ location also differs from the actual temp-directory location).
Persistence & Privilege
The skill stores an apiKey to disk and writes temporary JSON files in the system temp directory. Notable issues: (1) the code uses tempfile.gettempdir() for .fbt_auth.json, contradicting SKILL.md, which says ~/.fbt_auth.json; files created there with default permissions inherit the process umask (commonly 022, giving mode 0644), so they can be readable by every local user, which raises the risk of credential or PII leakage; (2) always:false is set (good) and the skill requests no elevated OS-level privileges, but it does persist sensitive data in a less-protected location.
Scan Findings in Context
[insecure_ssl_verification] unexpected: common.py uses ssl._create_unverified_context() for API requests, which disables certificate validation and weakens transport security. This is not expected for a production booking integration.
[logs_pii_to_stdout] unexpected: create_order.py prints passenger name, phone, and ID to stdout when creating an order, despite SKILL.md warning not to expose PII in logs or replies.
[stores_api_key_in_tempdir] expected: The skill persists the apiKey to disk, which is necessary for its operation; however it stores the key in the system temp directory (tempfile.gettempdir()/.fbt_auth.json) rather than at the documented home path (~/.fbt_auth.json), raising confidentiality concerns.
What to consider before installing
This skill appears to implement a real flight search/booking client that calls an external API; that part is coherent. Before installing or using it, consider the following:
1) Transport security: the code disables TLS certificate verification for outgoing requests (ssl._create_unverified_context()). Ask the author to remove this and verify against a trusted CA; do not use the skill with sensitive data until TLS validation is enabled.
2) API key storage: SKILL.md says the apiKey is saved to ~/.fbt_auth.json, but the code saves it to the system temp directory (e.g., /tmp/.fbt_auth.json). Temp directories may be world-readable; ask for storage in a user-only file (home directory, owner-only permissions) or a secure keystore.
3) PII exposure: scripts print passenger name, phone and ID number to stdout and save seat/order state in /tmp JSON files. Both contradict the SKILL.md privacy guidance and increase the risk of leaking personal data.
4) Endpoint verification: the default API URL is https://app-gate.fenbeitong.com/air_biz/skill/execute; confirm this is the intended, trusted backend before sending PII to it.
5) If you plan to use the skill, test it in an isolated sandbox first, inspect and harden the code (remove the insecure SSL code, stop logging PII, change the storage location and file permissions), and obtain explicit user consent before sending PII to the external service.
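The three hardening steps above, written out as an added example. This is not the skill's own code and not the ClawHub scanner: the auth file keeps the documented name .fbt_auth.json but lives under the user's home; passenger records are assumed to be dicts with name/phone/idNo keys; the audit regexes are a minimal reviewer grep for the flagged patterns, and the SAMPLE_SOURCE snippet is constructed to have the shape the findings describe.

```python
"""Hardening helpers for the three scan findings (added example, not the skill's code).

Assumptions for illustration: the auth file keeps the documented name
.fbt_auth.json; passenger records are dicts with name/phone/idNo keys;
AUDIT_PATTERNS is a reviewer grep, not ClawHub's scanner.
"""
import json
import os
import re
import ssl
import stat
from pathlib import Path
from typing import Optional

AUTH_FILE_NAME = ".fbt_auth.json"


def api_ssl_context() -> ssl.SSLContext:
    """Verified TLS for the booking API: system CA bundle, hostname check,
    CERT_REQUIRED. Drop-in replacement for ssl._create_unverified_context(),
    which disables both and lets any on-path host impersonate the backend."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def _home(home) -> Path:
    return Path(home) if home else Path.home()


def write_private_json(path: Path, data: dict) -> Path:
    """Write data to path readable only by the owner (0600), atomically.
    Suitable for the apiKey file and for the seat/order state the scripts
    currently drop into /tmp with umask-default (often 0644) permissions."""
    tmp = path.with_name(path.name + ".tmp")
    # O_EXCL refuses a pre-existing file or symlink at the temp path, and the
    # 0600 mode applies at creation, so there is no window with loose perms.
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        with os.fdopen(fd, "w") as f:
            json.dump(data, f)
        os.replace(tmp, path)  # atomic swap; the 0600 inode becomes `path`
    except BaseException:
        tmp.unlink(missing_ok=True)
        raise
    return path


def save_api_key(api_key: str, home=None) -> Path:
    """Persist the apiKey under the user's home, as SKILL.md documents,
    instead of tempfile.gettempdir(). `home` is a test hook."""
    return write_private_json(_home(home) / AUTH_FILE_NAME, {"apiKey": api_key})


def load_api_key(home=None) -> Optional[str]:
    path = _home(home) / AUTH_FILE_NAME
    if not path.exists():
        return None
    with open(path) as f:
        return json.load(f).get("apiKey")


def file_mode(path) -> int:
    """Permission bits of path (e.g. 0o600), for checking what was written."""
    return stat.S_IMODE(os.stat(path).st_mode)


def redact_passenger(p: dict) -> dict:
    """Mask name/phone/idNo before anything is printed or logged; the last
    four digits are kept so an operator can still correlate an order."""
    out = dict(p)
    name = out.get("name")
    if name:
        out["name"] = name[0] + "*" * (len(name) - 1)
    for key in ("phone", "idNo"):
        v = out.get(key)
        if v:
            v = str(v)
            out[key] = "*" * max(len(v) - 4, 0) + v[-4:]
    return out


# Reviewer grep for the flagged patterns: a pre-install check, not a
# substitute for reading the scripts. Keys mirror the scan's finding IDs.
AUDIT_PATTERNS = {
    "insecure_ssl_verification": re.compile(
        r"_create_unverified_context|check_hostname\s*=\s*False|CERT_NONE"),
    "stores_api_key_in_tempdir": re.compile(r"tempfile\.gettempdir\(\)|[\"']/tmp/"),
    "logs_pii_to_stdout": re.compile(r"print\([^)]*(passenger|phone|id_?no)", re.I),
}


def audit_source(text: str) -> list:
    """Sorted list of finding IDs whose pattern occurs in the given source text."""
    return sorted(k for k, rx in AUDIT_PATTERNS.items() if rx.search(text))


# Constructed snippet in the shape the findings describe (not the skill's code).
SAMPLE_SOURCE = '''
ctx = ssl._create_unverified_context()
AUTH = os.path.join(tempfile.gettempdir(), ".fbt_auth.json")
print("creating order for passenger", passenger["name"], passenger["phone"])
'''

if __name__ == "__main__":
    print(audit_source(SAMPLE_SOURCE))
    print(redact_passenger({"name": "张三", "phone": "13800138000", "idNo": "110101199001011234"}))
```

Running the module prints the three finding IDs for the constructed snippet and a redacted passenger record. The O_EXCL-then-rename pattern in write_private_json is the part worth copying: a plain open(path, "w") followed by chmod leaves a window in which the file exists with umask-default permissions, and follows any symlink an attacker planted at a predictable /tmp path.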
Version: latest · vk97b6brncmfgmyptpjh0swacr583xbz6
Runtime requirements
Runtime: Clawdis
Bins: python3
