ClawHub

智慧旅行 AI

v1.0.0

AI智能旅行助手套装,包含行程规划、目的地指南、预算管理、签证办理、天气打包等一站式旅行服务。Invoke when user needs comprehensive travel planning, itinerary creation, destination information, budget calc...

0· 46·0 current·0 all-time
byfenbeitong-trip@gaogao605·duplicate of @gaogao605/trip-ai
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the included code and SKILL.md: subskills (itinerary, destination guide, budget, visa, weather/packing) and shared models/utilities are present and appropriate. The only mild inconsistency: the top-level SKILL.md architecture mentions shared/constants.py, but that file is not present in the provided manifest — this looks like a packaging/documentation mismatch rather than malicious behavior.
Instruction Scope
Runtime instructions are focused on travel planning and coordinating the five subskills. The SKILL.md does not instruct reading unrelated system files, accessing arbitrary environment variables, or sending data to unexpected external endpoints. Subskill adapters expose function-call style APIs for the agent.
Install Mechanism
No install spec is provided (instruction-only from a packaging/install perspective). Code is Python scripts with no remote download/install steps in the manifest. Required binary is python3 which is reasonable for these scripts.
Credentials
The skill requests no environment variables, no credentials, and no config paths. The functionality described (local lookups, simulated or static data, formatting) does not require secrets, so the lack of credential requests is proportionate.
Persistence & Privilege
The skill is not force-included (always:false) and uses normal agent invocation. It does not request system-wide configuration changes or access to other skills' credentials.
Assessment
This package looks coherent for travel assistance, but before installing: 1) verify the missing shared/constants.py reference in the documentation or repo (it may be a harmless doc mismatch). 2) Review any omitted/truncated files (the provided excerpts were truncated) to confirm there are no hidden network calls or hardcoded endpoints. 3) If you plan to run the Python scripts on a sensitive environment, run them in an isolated/test environment first — although no credentials or installs are requested, it's good practice to inspect full source and confirm no outbound network calls are added. 4) If you need live weather/visa data, check whether the skill will be updated to call external APIs (that may require API keys) and consider how those keys would be provided and stored.

Like a lobster shell, security has layers — review code before you run it.

latestvk9770vs0b140spf7d2ym32772183xhkv

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

✈️ Clawdis
Binspython3

Comments