v1.0.4

VariflightAviation

ReviewClawScan verdict for this skill. Analyzed May 1, 2026, 5:40 AM.

Analysis

This flight-query skill is mostly purpose-aligned, but it runs an unpinned npm MCP package and passes the full local environment to it, which could expose unrelated secrets.

Guidance: Before installing, verify the @variflight-ai/variflight-mcp package provenance, prefer a pinned version, and run the skill with a restricted environment containing only the Variflight API key and non-sensitive variables.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Medium. Confidence: High. Status: Concern.
src/lib/variflight-client.js
command: 'npx', args: ['-y', '@variflight-ai/variflight-mcp']

The skill executes an unpinned npm package at runtime with automatic yes-to-install behavior.

User impact: A future or compromised npm package version could run different code than the reviewed skill artifacts.
Recommendation: Pin the exact package version, document provenance, and prefer an install spec or lockfile so users know exactly what will run.

Unexpected Code Execution
Severity: Low. Confidence: High. Status: Note.
SKILL.md
Start the MCP server on demand via `npx` ... on first use, npx automatically downloads the `@variflight-ai/variflight-mcp` package

Runtime execution of the MCP server is disclosed and central to the skill, but users should still notice that invoking the skill launches local code.

User impact: Using the skill will start a local Node/npx-based MCP server rather than only reading static instructions.
Recommendation: Install only if you are comfortable running the Variflight MCP package locally, and review or pin that package where possible.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High. Confidence: High. Status: Concern.
src/lib/variflight-client.js
env: { ...process.env, X_VARIFLIGHT_KEY: this.apiKey, VARIFLIGHT_API_KEY: this.apiKey }

The spawned npx MCP process receives every environment variable, not just the Variflight API key required for the stated purpose.

User impact: If the agent environment contains other API keys, cloud tokens, or secrets, the external MCP process could read them.
Recommendation: Run this only in a minimal environment, or change the skill to pass a small allowlist of variables (for example PATH plus X_VARIFLIGHT_KEY) instead of spreading the whole of process.env into the child process.