v1.0.0

travai

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:19 AM.

Analysis

TravAI looks purpose-aligned for travel search and booking, but it asks the agent to handle account login tokens and card/crypto payment workflows that are not declared in the skill metadata.

Guidance: Review carefully before installing. Use it only if you trust TravAI with your travel searches, account credentials, and payment workflow. Do not provide a password or token unless you intend to grant account access, and require an explicit final confirmation before any card or crypto payment is created.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: Medium | Status: Concern
SKILL.md
description: Search flights and stays, then create card or crypto payments via TravAI ... Changes and cancellations are not available via the API

The skill’s intended actions include creating payment flows for travel bookings, and the artifact states that changes/cancellations cannot be handled through the API. That is high-impact mutation authority where users should confirm details carefully.

User impact: The agent could help initiate payments or bookings that may be difficult to reverse through the same API.
Recommendation: Before any payment or booking step, require explicit user confirmation of itinerary, guest details, total price, currency, payment method, and refund/cancellation limitations.

Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: Medium | Status: Concern
SKILL.md
If this skill conflicts with backend behavior, check the live OpenAPI schema: https://api.travai.tech/openapi.json Follow the live schema over this doc.

The reviewed static instructions defer to a mutable remote API schema. For a skill that handles authentication and payments, this creates a provenance and change-control concern because behavior can shift after installation.

User impact: The agent may rely on API behavior or endpoint definitions that were not present in the reviewed artifact.
Recommendation: Review the live API schema before using payment or account endpoints, and prefer pinned, versioned documentation for high-impact booking/payment workflows.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
All endpoints (except sign-in and sign-up) require: Authorization: Bearer {access_token} ... Sign In ... "email" ... "password" ... Paste token

This shows the skill expects the user or agent to provide TravAI account credentials or an access token. The registry metadata declares no primary credential or required environment variables, so the account-access requirement is under-disclosed.

User impact: A user may give the agent a password or bearer token that can access their TravAI account and support payment-related actions.
Recommendation: Treat this as a sensitive account integration: only use it if you trust the TravAI service, avoid sharing passwords when a scoped token is available, and revoke tokens after use if possible.