Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tuniu (途牛) Hotel Booking Skill

v1.0.3

Tuniu Hotel Assistant - calls the MCP via exec + curl to implement hotel search, detail lookup, and booking orders. Use when the user asks about hotels in a given location, check-in dates, hotel details, or wants to submit an order.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the behavior in SKILL.md: all runtime examples call the documented MCP endpoint to search, get details, and create bookings. Required binary (curl) and the declared TUNIU_API_KEY are appropriate for this purpose.
Instruction Scope
Instructions explicitly tell the agent to exec curl and POST user PII (contact name, phone, guest names, etc.) to https://openapi.tuniu.cn/mcp/hotel. Sending PII to the remote booking API is expected for booking functionality, but this is a sensitive action and the skill relies on the agent/operator to avoid logging or exposing PII.
Install Mechanism
Instruction-only skill with no install spec or code files; lowest risk from installation. It simply uses the system's curl at runtime.
Credentials
SKILL.md metadata and _meta.json declare TUNIU_API_KEY as required (appropriate for calling the MCP), but the top-level registry summary in the package report lists 'Required env vars: none' and 'Primary credential: none' — this inconsistency should be resolved. Otherwise the single API key requested is proportional to the skill's purpose.
Persistence & Privilege
always:false and no install-time changes or persistent privileges are requested. The skill does not try to modify other skills or system-wide settings.
Scan Findings in Context
[no-code-files] expected: The regex scanner found no code because this is an instruction-only skill; that is expected. Absence of findings does not eliminate runtime risk (it will make network calls).
What to consider before installing
This skill will make HTTP POST requests to the 途牛 (Tuniu) MCP endpoint and will transmit users' personal booking data (names, phone numbers, guest names) to that external service. Before installing:
(1) Confirm you trust 途牛/openapi.tuniu.cn and accept sending PII off your system;
(2) supply a dedicated TUNIU_API_KEY and do not reuse high-privilege credentials;
(3) verify the package metadata (ask the author to clarify why the registry summary says no env vars while SKILL.md/_meta.json require TUNIU_API_KEY);
(4) avoid enabling verbose logging of tool calls or agent transcripts that could leak PII;
(5) if you allow the optional TUNIU_MCP_URL override, ensure it points to the official domain (do not set it to untrusted endpoints).
If you cannot verify the author/metadata or do not want PII transmitted, do not install.


Runtime requirements

Bins: curl