Aerobase Awards
Security checks across malware telemetry and agentic risk
Overview
The award-search features fit the stated purpose, but the skill also asks for airline loyalty logins and proxy/browser access without enough boundaries, so it should be reviewed carefully before use.
This skill is reasonable for API-based award searches, but be cautious with any flow that asks for airline loyalty credentials or uses a proxy/browser. Use API-only searches when possible, do not share passwords in chat, confirm any external Scrapling lookup, and review or delete saved trips and alerts you no longer need.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Airline loyalty accounts can contain personal information and valuable miles; sharing credentials with an agent or browser flow could expose the account or enable unintended account actions if mishandled.
The skill asks the agent/browser flow to handle airline loyalty account credentials, while the declared primary credential is only AEROBASE_API_KEY and the instructions do not clearly bound credential entry, allowed account actions, or output limits.
Airline Award Search (PROXY required) - Navigate to airline's FFP booking page (behind login wall) - User must provide credentials for their account - NEVER store or log FFP credentials
Prefer the Aerobase/seats.aero API path. Do not type loyalty-program passwords into chat; only use official login flows you control, and require explicit confirmation that the agent will only search availability and will not book, redeem, change, or save account data.
A browser/proxy fallback could interact with logged-in airline or travel sites beyond simple searching, increasing the chance of unintended actions or account exposure.
The skill introduces browser automation through a proxy against protected, logged-in services. Although it says to prefer the API, the fallback lacks clear limits on when it is allowed, which sites may be accessed, and what user approval is required.
Cloudflare protected. Use API cache first. Browser via proxy only for logged-in users.
Keep browser/proxy fallback disabled unless the user explicitly requests it for a specific site and task. Document allowed domains, require confirmation before interacting with logged-in pages, and prohibit purchases, redemptions, profile changes, or credential storage.
Travel search details may be shared with a third-party or configured scraping service.
The skill may send itinerary details such as route and dates to a Scrapling endpoint for cash-price lookup. This is purpose-aligned, but the endpoint is configurable and not declared in the registry metadata.
Use Scrapling `/search` to get cash prices from Google Flights for cents-per-point value: POST {SCRAPLING_URL}/search {"site":"google-flights","origin":"JFK","destination":"LHR","departure":"2026-04-01","return":"2026-04-08"}
Use only a trusted Scrapling endpoint, avoid sending sensitive or private itinerary details unless needed, and confirm when external cash-price lookups are being performed.
Saved trips and alerts can reveal travel plans and may continue monitoring after the initial request.
The skill uses provider-side saved trip results and persistent alert monitoring. This is consistent with the travel-search purpose, but it means prior travel searches and alert preferences may be stored and reused.
GET /api/v1/awards/trips — retrieve saved award trip search results ... POST /api/awards/alerts — create alert ... Award monitoring cron: every 4 hours
Review saved trips and alerts periodically, delete entries you no longer need, and create alerts only for routes and dates you are comfortable storing with the service.
