Skill v1.0.5
ClawScan security
Google Flights Realtime API · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 12, 2026, 5:32 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill mostly matches its stated purpose (calling a RapidAPI Google Flights endpoint with a RAPIDAPI_KEY) but contains mismatches and unclear instructions (undeclared runtime binaries, inconsistent guidance about using Python, and a parallel-scan pattern that can generate many requests) that warrant caution before installing.
- Guidance
- This skill appears to do what it says (call RapidAPI's Google Flights endpoint using RAPIDAPI_KEY), but take the following precautions before installing:
  - Confirm the source and ownership: the skill's source is listed as 'unknown' in the registry; verify the RapidAPI homepage owner (the provided RapidAPI link) and that you trust that provider.
  - Provide only a RapidAPI key with minimal permissions and monitor usage: the skill will send your RAPIDAPI_KEY in the x-rapidapi-key header. Consider using a key tied to an account you can monitor and revoke.
  - Ensure your runtime has the expected tools: SKILL.md expects curl, bash, mktemp, and (apparently) python3. The registry metadata did not declare any required binaries; verify these binaries exist in your agent environment before use.
  - Be cautious about parallel date-range scans: the skill instructs generating bash scripts that fire many concurrent requests and write temp files. That can quickly exhaust free quotas or incur charges on paid plans. If you install, enforce request limits or require explicit confirmation before wide scans.
  - Review the full SKILL.md (the provided copy was truncated) to inspect the Python snippet used in the parallel-scan example; the truncated line (python3 -c "from d...) is ambiguous and should be reviewed to ensure it doesn't import unexpected modules or call external endpoints.

  If you need higher assurance, ask the skill author for the full SKILL.md and a clear statement of required runtime binaries and the exact parallel-scan behavior (how many concurrent requests, backoff, error handling).
Review Dimensions
- Purpose & Capability
- concern: The skill's purpose (search Google Flights via RapidAPI) matches the single required credential (RAPIDAPI_KEY) and the described endpoint. However, the SKILL.md assumes the availability of runtime tools (curl, bash, mktemp, python3) but the registry metadata declares no required binaries. The skill also claims to communicate exclusively with google-flights-live-api.p.rapidapi.com, which is consistent with its purpose.
- Instruction Scope
- concern: Instructions direct the agent to run curl POSTs and to generate/execute bash scripts for parallel date-range scans that create temp files and combine results. This is within the skill's functional scope, but the parallel-scan pattern can spawn many concurrent requests (risking quota/cost and heavy network usage). The SKILL.md also tells agents not to use Python requests, yet the example parallel script (truncated) invokes python3 -c, an inconsistency that increases uncertainty about what the agent will run. The truncated content prevents full review of that Python command.
- Install Mechanism
- ok: This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by an installer. That is the lowest-risk install model and is coherent with the README's claim of 'no code execution' (though the agent will execute shell commands at runtime).
- Credentials
- ok: Only RAPIDAPI_KEY is required and declared as the primary credential, which is appropriate for a RapidAPI-backed flight search skill. The README offers an alternative config path (~/.openclaw/openclaw.json), which is reasonable. No unrelated secrets are requested.
- Persistence & Privilege
- ok: The skill does not request always:true, does not require system-wide config changes, and is user-invocable. The README's example shows storing an API key in the skill's config section (normal). No elevated privileges are requested.
