red-eye-flight
Advisory. Audited by VirusTotal on Apr 24, 2026.
Overview
Type: OpenClaw Skill
Name: red-eye-flight
Version: 3.2.0

The skill bundle requires the agent to perform a global system modification by executing 'npm i -g @fly-ai/flyai-cli' if the tool is not present (SKILL.md, fallbacks.md). Additionally, the command construction logic for 'flyai search-flight' uses direct parameter substitution (e.g., --origin "{{o}}"), which is highly vulnerable to shell injection if the agent does not strictly sanitize user input. While these actions are aligned with the stated purpose of flight booking, the combination of a high-privilege installation and potential RCE via shell injection poses a significant security risk.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may install third-party code globally before answering a travel query, and npm packages can run installation scripts or affect the local environment.
This makes a global, unpinned npm package install part of normal execution. The reviewed registry metadata also declares no install spec or required binary, so users may not get clear advance notice of this persistent local change.
If flyai-cli is not installed, install it first... `npm i -g @fly-ai/flyai-cli`
Require explicit user approval before installation, declare the dependency in metadata/install specs, pin a known version, provide provenance or a homepage, and document how to remove the CLI.
A malformed or unintended query could cause the agent to run an unexpected command or send incorrect travel-search parameters.
The skill uses shell CLI commands with user-derived route and date parameters. This is expected for the stated purpose, but users should be aware that commands will be run locally and should remain limited to the documented flyai searches.
`flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --sort-type 2`
Review shell commands before execution, keep parameters validated to city/airport and date formats, and avoid adding extra CLI flags beyond the documented workflow unless the user approves.
Travel plans and preferences may be sent to the external CLI provider when searches are performed.
The skill relies on an external flyai/Fliggy-backed provider for real-time results. Sending origin, destination, travel dates, and preferences is purpose-aligned, but the provider boundary and package provenance are not fully described in the artifacts.
description: "...powered by Fliggy (Alibaba Group)." ... `Powered by flyai - Real-time pricing, click to book`
Use only if you are comfortable sharing the requested travel details with the flyai/Fliggy service, and verify the provider before entering sensitive personal, payment, or account information.
