Back to skill
Skillv3.2.0
VirusTotal security
red-flights · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 27, 2026, 3:11 AM
- Hash
- 3eee4d8ac2a20ea9a6d125a06bde984dede890a9b20f4858606561bf340cbfed
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: red-flights Version: 3.2.0 The skill is a flight search tool that relies on a third-party CLI (@fly-ai/flyai-cli). It is classified as suspicious because it constructs shell commands using unvalidated user input (e.g., in SKILL.md and references/playbooks.md), which presents a shell injection risk. Additionally, it instructs the agent to perform global package installations, including the use of 'sudo' in fallbacks.md, which are high-privilege operations that could be abused if the target package or the command construction is compromised.
- External report
- View on VirusTotal