Aviationstack Cli
Security checks across static analysis, malware telemetry, and agentic risk
Overview
No malicious behavior is shown, but users should review the external CLI installation steps and API token setup before using it.
Before installing, verify that you trust the GitHub project and bun.sh installer, approve any PATH changes, and use a limited AviationStack API token if possible. The documented API commands are read-oriented and purpose-aligned.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running the setup may download and execute external code and alter the local CLI environment.
The setup relies on unpinned external installation and a remote shell installer. This is disclosed and related to the CLI purpose, but users should trust and verify these sources before running them.
npx api2cli install Melvynx/aviationstack-cli ... bun --version || curl -fsSL https://bun.sh/install | bash
Install only after reviewing the referenced project and installer; prefer pinned versions or manual installation where possible.
The CLI can use the user's AviationStack API access and quota according to the permissions of the supplied token.
The skill expects an AviationStack API token for authentication. That is normal for this API integration, but users should recognize that the CLI will act with that token.
aviationstack-cli auth set "your-token"
Use a dedicated or least-privileged API token if available, avoid sharing it in chat unnecessarily, and rotate it if exposed.