Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
旅行盲盒
v1.0.1旅行盲盒助手,让旅行回归"探索未知"的本质。不选目的地,只设底线条件(预算上限、最远飞行时间、时间、排除城市),AI在满足条件的目的地中随机抽取一个,结合"拆盲盒"趣味交互。当用户提到"旅行盲盒"、"随机旅行"、"去哪都行"、"选择困难"、"不知道去哪"、"帮我选目的地"、"随机抽一个"、"盲盒"时使用。
⭐ 0· 68·0 current·0 all-time
byhello_hang@hello-ahang
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The skill's declared purpose (randomized destination selection, search flights/hotels/POI, and remember user prefs) matches the instructions: it calls search-flight/search-hotel/search-poi, reads/writes a user-profile, and implements candidate selection. Asking to install a flyai CLI (via npm) is coherent with using 'flyai' commands, though that adds an external dependency.
Instruction Scope
Instructions explicitly read and update user profile data via either platform memory (search_memory/update_memory) or a local file at ~/.flyai/user-profile.md — this is expected. However, instructions repeatedly recommend running commands prefixed with NODE_TLS_REJECT_UNAUTHORIZED=0 (disabling TLS certificate checks) and recommend global npm installation and sudo usage. Disabling TLS verification and advising elevated install commands broaden the scope beyond normal assistant behavior and are unsafe.
Install Mechanism
There is no formal install spec, but the workflow instructs users/agents to run 'npm install -g @fly-ai/flyai-cli@latest' (and suggests npx usage). Installing an un-vetted global npm package from the public registry is a moderate risk — it downloads and installs third‑party code into the system. The lack of an included install manifest or verified upstream homepage increases uncertainty about the package origin and contents.
Credentials
The skill requests no explicit environment variables or external credentials, which is appropriate. However, it instructs setting NODE_TLS_REJECT_UNAUTHORIZED=0 to bypass TLS verification for network calls — this is an environment modification unrelated to user preferences and is disproportionate and unsafe. The skill writes/reads files under ~/.flyai which is reasonable for storing user profile, but persisting data to the user's home directory is a persistent capability the user should consent to.
Persistence & Privilege
always:false (normal). The skill uses and suggests maintaining a local user-profile (~/.flyai/user-profile.md) or platform memory, which is expected for remembering preferences. It does not request system-wide privileges or modify other skills/configs. Still, writing to the user's home directory and doing global npm installs are privileged actions the user should be aware of.
What to consider before installing
This skill appears to do what it says (pick random destinations, search flights/hotels, and remember preferences), but there are two red flags to consider before installing or executing it: (1) the SKILL.md advises disabling TLS certificate checking (NODE_TLS_REJECT_UNAUTHORIZED=0) — this defeats HTTPS security and can expose you to man-in-the-middle attacks; (2) it recommends installing an external npm package globally (@fly-ai/flyai-cli), which will run third-party code on your machine. If you want to use this skill safely: do not run with TLS verification disabled; avoid global installs of unknown packages (prefer running in an isolated environment or container); inspect the npm package source/repository before installing; and review or sandbox any changes to ~/.flyai. If you rely on platform memory features instead of local files, prefer that over writing to your home directory. If unsure, treat the skill as experimental and run it only in a disposable environment.Like a lobster shell, security has layers — review code before you run it.
latestvk972cm9h0an0by6vv2esj7pfvx84503d
License
MIT-0
Free to use, modify, and redistribute. No attribution required.