Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
反向穷游 (Reverse Budget Travel)
v1.0.1 · Reverse budget travel assistant: "I have X yuan, where can I go?" Enter your total budget, departure city and the number of days you can travel; the AI searches backwards from the budget through every possibility and generates three tiers of plans (extreme saver / comfort / all-out maximum), each with a full budget breakdown. Use when the user says "I have X yuan", "where can I go with a budget of XX", "where can this money take me", "reverse budget travel", "budget travel recommendations" or "budget trip".
⭐ 0 · 73 · 0 current · 0 all-time
by hello_hang (@hello-ahang)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
The name and description (reverse-budget travel) align with the instructions: the skill calls flight/hotel/POI search commands, builds three-tier budgets, and stores user preferences. Reading and writing a user profile and using the search-* tools is consistent with the stated functionality.
Instruction Scope
The instructions explicitly tell the agent to bypass TLS verification (NODE_TLS_REJECT_UNAUTHORIZED=0) and to run global npm installs and CLI commands. They also mandate reading and updating user profile data on startup (via search_memory/update_memory or ~/.flyai/user-profile.md). The TLS bypass and the automated global installs broaden the agent's scope well beyond pure recommendation logic: NODE_TLS_REJECT_UNAUTHORIZED=0 is process-wide, so it disables certificate checking for every HTTPS connection the Node process makes, not only those to the FlyAI API.
Install Mechanism
Although the package has no formal install spec, the workflow requires running `npm install -g @fly-ai/flyai-cli@latest` or `npx @anthropic-ai/flyai-cli@latest`. Either command downloads and executes code from the public npm registry at whatever version is currently tagged latest, and the global install may require sudo; this is a moderate-to-high-risk action that the registry metadata neither declares nor enforces. Note also that the two commands name the same CLI under two different npm scopes (@fly-ai and @anthropic-ai); at most one of them can be the intended package, so check which scope actually publishes it before running either.
Credentials
No credentials are requested (good), but SKILL.md relies on the insecure environment variable NODE_TLS_REJECT_UNAUTHORIZED=0 several times, which weakens network security. It also reads and writes a local file (~/.flyai/user-profile.md) and attempts to use platform memory APIs; these are proportional to personalization but are not declared in requires.env and involve reading and writing user data.
Persistence & Privilege
The skill does not request always: true and does not modify other skills. It asks to persist a profile file in the user's home directory (~/.flyai/user-profile.md) and to use platform memory when available; persisting personal preferences is expected for personalization but grants ongoing local storage access.
What to consider before installing
This skill matches its stated travel-planning purpose, but it contains actionable instructions that affect system security: it tells the agent to install a global npm CLI (may require sudo) and repeatedly recommends disabling TLS certificate verification (NODE_TLS_REJECT_UNAUTHORIZED=0). If you plan to use it, consider:

1) Refuse to run the TLS bypass; it makes every network call from that Node process susceptible to MITM. If the CLI fails behind a TLS-intercepting corporate proxy, point Node at the proxy's CA bundle with NODE_EXTRA_CA_CERTS=/path/to/ca.pem instead of turning verification off.
2) Prefer installing the FlyAI CLI yourself, after reviewing the package on npm/GitHub and pinning an exact version, rather than letting the agent run global installs; resolve the @fly-ai versus @anthropic-ai scope discrepancy first.
3) Be aware that the skill will read and write ~/.flyai/user-profile.md (and will attempt to use any platform memory APIs), so do not store sensitive secrets in that file.
4) If you are uncomfortable with automatic network installs or file writes, decline or sandbox the skill.

If you want a safer setup, request a version that omits TLS bypasses and documents exactly which external packages and hosts it will call.

Like a lobster shell, security has layers — review code before you run it.
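As an added example (not the listing's text and not the FlyAI project's code), the following Node script lints a skill's SKILL.md for the instruction patterns this report objects to before anything is installed: the TLS bypass, global npm or npx installs, unpinned @latest versions, the same CLI name appearing under two npm scopes, and dotfile reads or writes under the home directory. The SKILL.md excerpt it scans is constructed for the demo, and the regexes and severity levels are illustrative choices, not ClawHub's own scanner rules.

```javascript
// Added example: a pre-install linter for a skill's SKILL.md. The rules,
// severities and the sample excerpt below are illustrative assumptions,
// not ClawHub's scanner or the real FlyAI SKILL.md.

const RULES = [
  {
    id: 'tls-bypass',
    severity: 'high',
    re: /NODE_TLS_REJECT_UNAUTHORIZED\s*=\s*['"]?0\b/,
    why: 'turns off certificate verification for every TLS connection the Node process makes',
  },
  {
    id: 'global-npm-install',
    severity: 'medium',
    re: /\b(?:sudo\s+)?npm\s+(?:install|i|add)\s+(?:-g|--global)\b/,
    why: 'downloads and runs registry code into a shared location, often with sudo',
  },
  {
    id: 'npx-exec',
    severity: 'medium',
    re: /\bnpx\s+(?:-y\s+|--yes\s+)?\S+/,
    why: 'fetches and executes a package on the fly',
  },
  {
    id: 'home-file-write',
    severity: 'low',
    re: /~\/\.[\w-]+\/[\w./-]+/,
    why: 'reads or writes a dotfile under the user home directory',
  },
];

// Every npm package spec that follows an install/npx command on a line:
// optional scope, bare name, optional version or dist-tag.
const PKG_SPEC_RE =
  /(?:npm\s+(?:install|i|add)\s+(?:-g\s+|--global\s+)?|npx\s+(?:-y\s+|--yes\s+)?)(?:(@[\w.-]+)\/)?([\w.-]+)(?:@([\w.-]+))?/g;

function scanSkill(markdown) {
  const findings = [];
  const scopesByName = new Map(); // bare package name -> Set of scopes seen

  markdown.split('\n').forEach((line, idx) => {
    const lineNo = idx + 1;
    for (const rule of RULES) {
      if (rule.re.test(line)) {
        findings.push({ line: lineNo, id: rule.id, severity: rule.severity, why: rule.why });
      }
    }
    for (const m of line.matchAll(PKG_SPEC_RE)) {
      const [, scope = '', name, version = ''] = m;
      const spec = `${scope ? scope + '/' : ''}${name}`;
      if (!scopesByName.has(name)) scopesByName.set(name, new Set());
      scopesByName.get(name).add(scope);
      if (version === '' || version === 'latest') {
        findings.push({ line: lineNo, id: 'unpinned-version', severity: 'medium',
          why: `${spec} resolves to "${version || 'latest'}", whatever the registry serves today` });
      }
    }
  });

  // The same bare name under two scopes: at most one of them is the real package.
  for (const [name, scopes] of scopesByName) {
    if (scopes.size > 1) {
      findings.push({ line: 0, id: 'scope-mismatch', severity: 'high',
        why: `"${name}" is referenced under different npm scopes (${[...scopes].join(', ')})` });
    }
  }
  return findings;
}

// The worst finding decides whether the skill may be installed unmodified.
function verdict(findings) {
  const rank = { high: 3, medium: 2, low: 1 };
  const worst = findings.reduce((acc, f) => Math.max(acc, rank[f.severity]), 0);
  return worst >= 3 ? 'block' : worst === 2 ? 'review' : 'ok';
}

// Constructed excerpt standing in for the skill's SKILL.md (not the real file).
const SAMPLE_SKILL_MD = [
  '# Reverse budget travel (constructed excerpt)',
  '## Setup',
  'Install the CLI: `npm install -g @fly-ai/flyai-cli@latest` or run `npx @anthropic-ai/flyai-cli@latest`.',
  'If the search commands fail with certificate errors, set NODE_TLS_REJECT_UNAUTHORIZED=0 and retry.',
  "On startup, read ~/.flyai/user-profile.md and update it with the user's preferences.",
].join('\n');

const demoFindings = scanSkill(SAMPLE_SKILL_MD);
for (const f of demoFindings) console.log(`[${f.severity}] line ${f.line}: ${f.id}: ${f.why}`);
console.log('verdict:', verdict(demoFindings));
```

Run it with `node` against the real SKILL.md contents instead of the constructed excerpt to get the same report; a `block` verdict means at least one high-severity pattern (the TLS bypass or a scope mismatch) is present and the skill should not be installed as written.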
latest · vk97dz1e9axsxrzx3rtjj1x5d3s845eep
