周末去哪儿 (Where to Go This Weekend)

Verdict: Warn. Audited by ClawScan on May 10, 2026.

Overview

The travel-planning purpose is coherent, but the skill tells the agent to install an unpinned global CLI before every search, suggests sudo when permissions are insufficient, and instructs it to disable TLS certificate verification whenever an SSL error occurs.

Use caution before installing. The trip-planning behavior itself is reasonable, but do not let the agent run a global npm install, use sudo, or disable TLS checks unless you understand and accept those risks. If you use the profile feature, review what personal travel details are stored.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
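Below is an added example of the kind of static check such a review performs over the skill text. It is not ClawScan's scanner, and the skill's SKILL.md is not reproduced on this page: the excerpt it scans is constructed from the four "Skill content" quotations in the findings below, and the tag names are the example's own.

```shell
#!/bin/sh
# Added example, not ClawScan's code: a minimal static scan that flags the
# four patterns reported in this audit. SAMPLE_SKILL is a constructed excerpt
# modelled on the quoted skill content, not the real SKILL.md.

SAMPLE_SKILL='Before any search, run: npm install -g @fly-ai/flyai-cli@latest --registry=https://registry.npmjs.org
Insufficient permissions | suggest sudo npm install -g @fly-ai/flyai-cli@latest
If you see "SSL certificate verification failed": NODE_TLS_REJECT_UNAUTHORIZED=0 flyai <command>
read_file(file_path="~/.flyai/user-profile.md")
Tip: always thank the user'

# scan_skill: read skill text on stdin, emit one "TAG<TAB>offending line" per hit.
# A single line can carry several tags (e.g. sudo + unpinned global install).
scan_skill() {
  while IFS= read -r line; do
    # global install of a floating tag: the code that runs is not the code reviewed
    case "$line" in
      *"npm install"*"-g"*"@latest"*|*"npm install"*"@latest"*"-g"*)
        printf 'UNPINNED_GLOBAL_INSTALL\t%s\n' "$line" ;;
    esac
    # package installer invoked with elevated privileges
    case "$line" in
      *sudo*npm*|*sudo*npx*)
        printf 'SUDO_PACKAGE_INSTALL\t%s\n' "$line" ;;
    esac
    # Node.js certificate verification switched off for the whole process
    case "$line" in
      *NODE_TLS_REJECT_UNAUTHORIZED=0*)
        printf 'TLS_VERIFY_DISABLED\t%s\n' "$line" ;;
    esac
    # persistent personal data read from memory or a dotfile under $HOME
    case "$line" in
      *read_file*|*search_memory*|*'~/.'*)
        printf 'PERSISTENT_PROFILE_READ\t%s\n' "$line" ;;
    esac
  done
}

# count_tag TAG: number of hits for one tag in the constructed sample.
count_tag() {
  printf '%s\n' "$SAMPLE_SKILL" | scan_skill | grep -c "^$1" || true
}

# Stand-alone run: print every hit in the sample.
printf '%s\n' "$SAMPLE_SKILL" | scan_skill
```

Pipe a real SKILL.md through scan_skill before letting an agent install the skill; any hit is a reason to read the surrounding instructions by hand rather than a verdict on its own.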

Finding 1: unpinned global npm install before every search

What this means

Installing or updating this external CLI could modify the local environment and run code that was not part of the reviewed skill.

Why it was flagged

The skill is presented as instruction-only with no install spec, but its workflow tells the agent to install or update an unpinned global npm package before every search. A global @latest install resolves to whatever version is current at install time, so the code that actually runs can differ from any reviewed artifact and changes without further review.

Skill content
Before performing any search, you must first run the install command (regardless of whether it is already installed, to ensure the latest version): npm install -g @fly-ai/flyai-cli@latest --registry=https://registry.npmjs.org
Recommendation

Declare the CLI dependency in install metadata, pin a reviewed version, prefer user-local or sandboxed execution, and require explicit user approval before installing or upgrading.

Finding 2: sudo suggested for the package install

What this means

If followed, this could allow the package installation process to run with administrator-level access on the user's machine.

Why it was flagged

The workflow recommends sudo for a global npm install if permissions are insufficient. That grants elevated system privileges to an external package installer, which is not clearly necessary for travel recommendations.

Skill content
Insufficient permissions | Recommended: use `sudo npm install -g @fly-ai/flyai-cli@latest --registry=https://registry.npmjs.org`
Recommendation

Avoid sudo for package installation; use a user-local Node environment such as nvm, a sandbox, or a clearly reviewed packaged dependency.

Finding 3: TLS certificate verification disabled on error

What this means

Network attackers or misconfigured proxies could more easily intercept or tamper with searches, prices, links, or personal travel details.

Why it was flagged

Setting NODE_TLS_REJECT_UNAUTHORIZED=0 disables certificate verification for every TLS connection made by that Node.js process, not only the one that failed, weakening HTTPS protections for travel queries and returned booking data.

Skill content
If you encounter an "SSL certificate verification failed" error, you need to prefix the command with the environment variable: NODE_TLS_REJECT_UNAUTHORIZED=0 flyai <command>
Recommendation

Do not disable TLS verification as a default workaround; fix certificate or proxy configuration and only proceed with clear user understanding of the risk.
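The three recommendations above (pin a reviewed version, install under a user-writable prefix without sudo, fix certificate trust instead of disabling verification) can be enforced mechanically. The wrapper below is an added example, not code from the skill, from FlyAI, or from ClawScan; the version 1.2.3, the ~/.local prefix and the CA bundle path are placeholders, and nothing is assumed about the flyai CLI's own options.

```shell
#!/bin/sh
# Added example, not part of the skill or of ClawScan: a wrapper that installs
# and runs the CLI the way this audit recommends. "1.2.3", the ~/.local prefix
# and the CA bundle path are placeholders; substitute the release you reviewed.

PKG='@fly-ai/flyai-cli'
REGISTRY='https://registry.npmjs.org'
PINNED_VERSION="${FLYAI_PINNED_VERSION:-1.2.3}"   # placeholder, not a real reviewed release
NPM_PREFIX="${NPM_PREFIX:-$HOME/.local}"          # user-writable, so sudo is never required

# is_exact_version VERSION: accept only a fully pinned X.Y.Z. "latest", ranges
# such as ^1.2, pre-release tags and empty strings are rejected so the reviewed
# artifact cannot silently change between installs.
is_exact_version() {
  case "$1" in
    ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
  esac
  rest="${1#*.}"; rest="${rest#*.}"          # strip "major." and "minor."
  case "$rest" in *.*) return 1 ;; esac      # more than two dots
  case "$1" in *.*.*) return 0 ;; *) return 1 ;; esac
}

# check_env UID TLS_FLAG: refuse the two run-time conditions the audit flags,
# running the installer as root and NODE_TLS_REJECT_UNAUTHORIZED=0.
check_env() {
  if [ "$1" -eq 0 ]; then
    echo "refusing to run as root; install under $NPM_PREFIX instead" >&2
    return 1
  fi
  if [ "${2:-1}" = 0 ]; then
    echo "refusing to run with TLS verification disabled; fix the CA/proxy config" >&2
    return 1
  fi
  return 0
}

# build_install_cmd VERSION: print the hardened npm command. Global-style
# layout (bin/ and lib/node_modules) but under the user prefix, so put
# $NPM_PREFIX/bin on PATH.
build_install_cmd() {
  is_exact_version "$1" || { echo "version must be pinned as X.Y.Z, got '$1'" >&2; return 1; }
  printf 'npm install -g --prefix %s --registry=%s %s@%s\n' "$NPM_PREFIX" "$REGISTRY" "$PKG" "$1"
}

# flyai_tls_env CA_BUNDLE: behind an intercepting proxy the correct fix for
# "SSL certificate verification failed" is to trust that proxy's CA explicitly
# via NODE_EXTRA_CA_CERTS, not to switch verification off. Prints the
# assignment to prepend to the flyai command, or fails if the bundle is missing.
flyai_tls_env() {
  if [ -r "$1" ]; then
    printf 'NODE_EXTRA_CA_CERTS=%s\n' "$1"
  else
    echo "CA bundle '$1' not found; do not fall back to NODE_TLS_REJECT_UNAUTHORIZED=0" >&2
    return 1
  fi
}

# install_cli VERSION: run the checks, then print the command (DRY_RUN=1,
# the default) or execute it (DRY_RUN=0).
install_cli() {
  check_env "$(id -u)" "${NODE_TLS_REJECT_UNAUTHORIZED:-1}" || return 1
  cmd=$(build_install_cmd "$1") || return 1
  if [ "${DRY_RUN:-1}" = 1 ]; then
    echo "would run: $cmd"
  else
    npm install -g --prefix "$NPM_PREFIX" --registry="$REGISTRY" "$PKG@$1"
  fi
}

# Stand-alone run: dry run by default.
install_cli "$PINNED_VERSION" || echo "install blocked" >&2
```

Run the script as-is for a dry run; DRY_RUN=0 performs the install. To run the CLI behind a proxy that re-signs TLS, prepend the output of flyai_tls_env, for example `env $(flyai_tls_env ~/.config/corp-ca.pem) flyai <command>` (the bundle path is hypothetical), and keep $NPM_PREFIX/bin on your PATH. If the certificate error persists with the proxy CA trusted, something other than the proxy is interfering and the connection should not be made.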

Finding 4: persistent travel profile read at startup

What this means

Stored preferences may influence future recommendations and may reveal personal travel habits if the memory or local file is exposed.

Why it was flagged

The skill reads a persistent travel profile at startup and can save new preferences after confirmation. This is purpose-aligned, but the stored profile may contain personal details such as home city, budget, family members, and travel history.

Skill content
On startup, read the user's historical preferences... search_memory(query="用户旅行画像", category="user_hobby", keywords="flyai") ... read_file(file_path="~/.flyai/user-profile.md") (the query string means "user travel profile")
Recommendation

Only save preferences you are comfortable retaining, review the stored profile periodically, and delete or edit ~/.flyai/user-profile.md or memory entries when no longer needed.