Skill v1.0.0
ClawScan security
Booking Real Time Hotel Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 12, 2026, 6:42 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent: it is instruction-only, only requests a RapidAPI key (RAPIDAPI_KEY) and network access to booking-live-api.p.rapidapi.com, and its instructions match its stated purpose.
- Guidance: This skill appears coherent, but before installing: (1) verify the RapidAPI Booking Live API listing and the provider (https://rapidapi.com/mtnrabi/api/booking-live-api) to ensure you trust the API and its pricing/limits; (2) use a dedicated RapidAPI key or scoped credential if possible (to limit blast radius and billing exposure); (3) monitor usage/quotas on RapidAPI and rotate the key if you suspect misuse; (4) if you prefer tighter control, avoid setting RAPIDAPI_KEY as a global environment variable and instead configure it in the skill-specific OpenClaw skill config or enable the skill only when needed; (5) remember the agent will make outbound HTTPS requests to RapidAPI when the skill runs — if you need to prevent autonomous calls, disable model invocation for this skill or keep it disabled until manually invoked.
Review Dimensions
- Purpose & Capability (ok): Name/description (real-time Booking.com searches) align with the declared requirement (RAPIDAPI_KEY) and the documented API host. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope (ok): SKILL.md instructs the agent to call RapidAPI endpoints (search, hotel, resolve, etc.) and to read RAPIDAPI_KEY. It does not direct reading of other files, other env vars, or contacting other domains. The actions described stay within the stated purpose.
- Install Mechanism (ok): There is no install spec and no code files — this is instruction-only, so nothing is downloaded or written to disk by an installer.
- Credentials (ok): Only a single credential (RAPIDAPI_KEY) is required and is appropriate for calling the documented RapidAPI-hosted service. Note: that key grants access to your RapidAPI usage/billing and is sent in the x-rapidapi-key header as documented.
- Persistence & Privilege (note): The skill is not always-enabled (always:false) and is user-invocable. The default allowance for autonomous model invocation is enabled (disable-model-invocation:false) — this is normal but means the agent could call the API using your key when the skill is invoked autonomously.
