Skill v1.0.1

ClawScan security

FlightClaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 17, 2026, 7:27 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, scripts, and runtime instructions are consistent with a Google Flights based flight search and price tracking tool; nothing requests unrelated credentials or system access, though a few documentation claims do not match the code and merit attention before use.
Guidance
This skill appears to be what it says: a Google Flights search and tracker implemented in Python. Before installing, consider:
1) README/SKILL.md claims an 'R2 backup', but the code only writes tracked.json locally. If you rely on cloud backup, verify or add it yourself.
2) The tool uses a third-party 'flights' package to call an internal Google Flights endpoint; this may break if Google changes the API and could have terms-of-service implications. Review the 'flights' package and its reputation.
3) setup.sh runs pip install for external packages without version pins. Inspect those packages (and pin the versions you audited) before running in a production environment.
4) Tracked data is stored locally (skills/flightclaw/data/tracked.json). On a shared machine, treat that file as potentially sensitive metadata and restrict its permissions.
5) The MCP server exposes its tools to any MCP client that can reach it once you register server.py; only run it on a host you control.
If you want to be cautious, run initial tests in a sandbox or isolated environment and audit the 'flights' dependency source before trusting it.

Review Dimensions

Purpose & Capability
ok
The name/description (search, filter, track flight prices from Google Flights) matches the included Python scripts and server. The code calls a Google Flights endpoint via a third-party 'flights' client and implements tracking with a local tracked.json, coherent with the stated purpose. One mismatch: SKILL.md claims persistence 'via R2 backup', but the code reads/writes only a local data/tracked.json and contains no R2 integration or credentials.
Instruction Scope
note
SKILL.md instructs running setup.sh and the provided scripts (search, track, check, list) and registering an MCP server; those instructions align with the code. The doc also gives an npx install reference to 'jackculpan/flightclaw' and mentions R2 backup, neither of which is reflected in the repository files; this is a documentation inconsistency. The runtime instructions do not ask the agent to read unrelated files or environment variables.
Install Mechanism
ok
There is no registry install spec; the included setup.sh runs 'pip install flights "mcp[cli]"', a typical Python install from PyPI with neither package version-pinned. No downloads from arbitrary URLs or extracted archives are present. Installing third-party pip packages is normal but carries the usual supply-chain risk (review the 'flights' and 'mcp' packages, and pin the versions you reviewed, before installing).
Credentials
ok
The skill declares no required environment variables or credentials, and the code does not access system secrets or unrelated config paths. Network access to Google (the Google Flights backend) is required and expected for the stated functionality. No other credentials are requested, which is proportionate.
Persistence & Privilege
ok
The skill does not request permanent 'always' inclusion and does not modify other skills or system settings. It persists tracking data locally in skills/flightclaw/data/tracked.json; this is within scope for a tracker. Note that running the MCP server exposes registered tools to MCP clients, which is standard for an MCP tool but something to be aware of when running on a multi-user host.
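The pre-install checks recommended under Guidance and Install Mechanism above (unpinned pip packages in setup.sh, a documentation claim such as 'R2 backup' with no code behind it, a group- or world-readable tracked.json, and the presence of an MCP server entry point) can be run mechanically before trusting a skill. The script below is an added example written for this page, not ClawScan's or the flightclaw project's own code. The skill tree it audits is a constructed miniature modelled on the review (SKILL.md, setup.sh, server.py, data/tracked.json), the evidence patterns for an R2 integration (r2, boto3, s3) are an assumption, and the permission check assumes POSIX file modes.

```python
"""Pre-install audit of a skill directory: pip specs from setup.sh,
documentation claims without code evidence, and data-file permissions."""
import os
import re
import shlex
import stat
import tempfile
from pathlib import Path

# Constructed sample skill tree modelled on the review above; these are
# not the real flightclaw files.
SAMPLE_FILES = {
    "SKILL.md": "# FlightClaw\nSearch and track flights. "
                "Persists tracked.json via R2 backup.\n",
    "setup.sh": '#!/bin/sh\npip install flights "mcp[cli]"\n',
    "server.py": "import json\nDATA = 'data/tracked.json'\n",
    "data/tracked.json": "{}\n",
}

# Documentation claims paired with the code evidence that would back them.
# The evidence regex is an assumption: an R2 integration normally goes
# through an S3-compatible client such as boto3.
CLAIM_EVIDENCE = {
    "R2 backup": re.compile(r"\b(r2|boto3|s3)\b", re.IGNORECASE),
}

PIP_LINE = re.compile(r"\bpip3?\s+install\s+(.*)")


def write_sample(root: Path) -> None:
    """Materialise the constructed sample tree under root."""
    for rel, text in SAMPLE_FILES.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(text)
    # Typical default mode: readable by group and others.
    os.chmod(root / "data" / "tracked.json", 0o644)


def pip_specs(setup_text: str) -> list:
    """Return (package name, pinned?) for each package on pip install lines."""
    out = []
    for m in PIP_LINE.finditer(setup_text):
        for tok in shlex.split(m.group(1)):
            if tok.startswith("-"):
                continue  # a pip option such as -U, not a package
            name = re.split(r"[\[=<>!~ ]", tok, 1)[0]
            out.append((name, "==" in tok))
    return out


def unbacked_claims(root: Path) -> list:
    """Claims made in *.md that no .py/.sh file in the tree supports."""
    docs = "".join(p.read_text() for p in root.glob("*.md")).lower()
    code = "".join(p.read_text()
                   for ext in ("*.py", "*.sh") for p in root.rglob(ext))
    return [claim for claim, ev in CLAIM_EVIDENCE.items()
            if claim.lower() in docs and not ev.search(code)]


def loose_files(root: Path) -> list:
    """Files under data/ whose POSIX mode grants group or other any access."""
    bad = []
    for p in (root / "data").rglob("*"):
        if p.is_file() and p.stat().st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            bad.append(str(p.relative_to(root)))
    return bad


def audit(root: Path) -> dict:
    """Run every check against a skill tree and collect the findings."""
    setup = root / "setup.sh"
    specs = pip_specs(setup.read_text()) if setup.exists() else []
    return {
        "packages": [n for n, _ in specs],
        "unpinned": [n for n, pinned in specs if not pinned],
        "unbacked_claims": unbacked_claims(root),
        "loose_files": loose_files(root),
        "mcp_server": (root / "server.py").exists(),
    }


def audit_sample() -> dict:
    """Build the constructed tree in a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        write_sample(root)
        return audit(root)


if __name__ == "__main__":
    for key, value in audit_sample().items():
        print(f"{key}: {value}")
```

Against the sample tree every finding from the review reproduces: both packages are unpinned, the 'R2 backup' claim has no evidence in the code, data/tracked.json is readable by other users, and a server.py is present. Point audit() at a real skill directory to get the same report; a clean result means only that these specific checks passed, not that the dependency source has been read.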