机票助手 (Flight Ticket Assistant)
Pass
Audited by VirusTotal on Mar 30, 2026.
Findings (1)
The skill is designed for flight booking and handles highly sensitive Personally Identifiable Information (PII), including passenger names, phone numbers, and national ID card numbers. A significant security vulnerability exists in `scripts/common.py`, where SSL certificate verification is explicitly disabled using `ssl._create_unverified_context()`, exposing sensitive data to Man-in-the-Middle (MITM) attacks during transmission to `app-gate.fenbeitong.com`. Additionally, authentication tokens are stored in a shared temporary directory without explicit restrictive file permissions, potentially leaking credentials to other local users. While these appear to be critical security flaws rather than intentional malice, the combination of PII handling and weakened transport security warrants a suspicious classification.
