Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (recommend popular hot springs and provide routes/guides) align with the SKILL.md content. There are no extra binaries, env vars, or config paths requested that would be unrelated to a travel recommendation skill.
Instruction Scope
SKILL.md contains only expected guidance (filters, output fields, sample queries, cautions). It repeats '更新频率' and '注意事项' sections verbatim which is likely an editorial duplication but not a security issue. The doc claims '每周迭代' (weekly updates) but provides no mechanism or external data source—this is an operational note, not a direct security concern.
Install Mechanism
No install spec and no code files — instruction-only. This minimizes risk because nothing is written to disk or downloaded at install time.
Credentials
The skill requests no environment variables, credentials, or config paths. That is proportionate for a read-only recommendation/guide skill.
Persistence & Privilege
always is false and the skill does not request elevated or persistent privileges. Default autonomous invocation is allowed (platform default) and is not by itself a concern here.
Assessment
This skill is low-risk: it doesn't install software or ask for credentials. Before enabling, consider: (1) the SKILL.md promises weekly updates but gives no source—ask the publisher how trends are refreshed if you need timeliness; (2) avoid entering sensitive personal data when requesting personalized routes or bookings; and (3) expect minor editorial issues (duplicate sections) but no hidden access requests.Like a lobster shell, security has layers — review code before you run it.
latestvk979a5remehsx39k7ht9mdp5dx838zjw
License
MIT-0
Free to use, modify, and redistribute. No attribution required.