Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Flyai Travelmapify
v2.2.0
Copy Xiaohongshu travel planning homework into interactive route maps with real FlyAI hotel search in seconds.
⭐ 0· 74·0 current·0 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The skill's stated purpose (image/text → interactive map + FlyAI hotel search) is consistent with the included scripts (OCR, geocoding, template generation, hotel-search-server). However, the registry metadata does not declare the external dependencies the code actually requires: SKILL.md and the reference files repeatedly mention an Amap API key and a local Amap proxy, and the code actively looks for a FlyAI CLI. Those credentials and tools are central to the skill but are missing from the declared requirements, which is a mismatch between what is declared and what the code needs.
Instruction Scope
SKILL.md and scripts instruct the agent to parse images, call a local Amap proxy, start an HTTP server (default port 9000) and a hotel-search server (default port 8770), and interactively ask the user for clarifications. All of that is within the described functionality. A notable scope point: the code (scripts/config.py) scans for OpenClaw workspace indicators (AGENTS.md, SOUL.md) and searches the filesystem for FlyAI binaries; this filesystem discovery goes beyond simple map generation and could reveal the presence/paths of other user tooling.
Install Mechanism
There is no automatic install spec (instruction-only install), and the skill ships runnable Python scripts. No remote downloads or archive extraction are used in the provided files, so the install mechanism itself is low risk. Running the scripts will of course execute code from the skill directory.
Credentials
The skill's documentation and code require an Amap Web API key (and a local Amap proxy) and the FlyAI CLI, but the registry lists no required environment variables or primary credentials. The code also accepts an OPENCLAW_WORKSPACE env var as an override and tries to discover FlyAI by running subprocesses and scanning standard Node/NVM paths. Requesting or probing for unrelated credentials was not observed, but the omission of Amap/FlyAI requirements from the declared metadata is a meaningful mismatch.
Persistence & Privilege
always:false (no forced always-on privilege). The skill will auto-start local HTTP and hotel servers when run, and the main script auto-executes a bundled 'main' script. Those behaviors are reasonable for a local web-app style tool, but combined with the filesystem probing and potential to invoke FlyAI (a separate CLI that may have credentials), it increases the blast radius if you run the skill in an environment with sensitive data or shared services.
What to consider before installing
Key points to consider before installing/running:
- Missing declared requirements: The registry shows no required env vars, but the skill needs an Amap Web API key (and the recommended local Amap proxy) and the FlyAI CLI. Ask the author to explicitly declare these requirements and what env names are expected.
- Filesystem probing: scripts/config.py actively searches your filesystem for OpenClaw workspace files and for the flyai executable (runs 'which flyai', queries npm global bin, and rglob-searches common node paths). If you are uncomfortable with a skill scanning your home directories, run it in a sandbox or container.
- Local servers: The tool auto-starts HTTP and hotel-search servers (default ports 9000 and 8770). Check which interface they bind to (loopback only, or all interfaces), ensure those ports are acceptable in your environment, and confirm the hotel-search-server's behavior, in particular whether it calls external network services.
- Amap proxy & API keys: The skill expects a local proxy to avoid exposing API keys client-side. Only provide an Amap API key to a proxy you trust; do not paste keys into untrusted remote services. Verify the proxy implementation you run.
- Inspect and test before trusting: Because the skill ships many scripts, review the hotel-search-server and main scripts for any outbound network requests or unexpected behavior. Run the skill in an isolated environment (VM/container) first if you cannot fully audit the code.
- What would change this assessment: if the publisher supplies a verified homepage/source repo, documents exact env var names/credentials in the registry, or provides minimal code that clearly documents all external calls (and you can audit the hotel-search-server), the assessment would move toward benign. Conversely, any hidden remote endpoints, undisclosed credentials use, or attempts to transmit data off-host would worsen the verdict.
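The checks in the list above (filesystem probing, local servers, outbound network calls, baked-in keys) can be mechanised before the skill is ever run. The script below is an added example written for this page; it is not the skill's own code and not anything ClawHub ships. It parses each Python file with the standard `ast` module and reports the behaviours the report flags. The embedded sample source is constructed to resemble the behaviours the report describes (an `OPENCLAW_WORKSPACE` override, `which flyai`, an npm global-bin lookup, an `rglob` search, an auto-started `HTTPServer`); it is not the skill's real `scripts/config.py`, and the key value in it is a placeholder.

```python
"""Static pre-install audit of a skill's Python scripts (added example, not the skill's code)."""
from __future__ import annotations

import ast
import re
import sys
from collections import Counter
from dataclasses import dataclass
from pathlib import Path

SUBPROCESS_CALLS = {"subprocess.run", "subprocess.Popen", "subprocess.check_output",
                    "subprocess.call", "os.system", "os.popen"}
# shutil.which walks PATH looking for a binary, so it counts as host discovery.
FS_DISCOVERY_CALLS = {"os.walk", "os.scandir", "glob.glob", "glob.iglob", "shutil.which"}
FS_DISCOVERY_METHODS = {"rglob", "glob", "iterdir"}       # pathlib.Path methods
ENV_CALLS = {"os.getenv", "os.environ.get"}
NETWORK_MODULES = {"socket", "http", "urllib", "requests", "httpx", "aiohttp"}
SERVER_CLASSES = {"HTTPServer", "ThreadingHTTPServer", "TCPServer"}
KEY_NAME = re.compile(r"key|token|secret", re.IGNORECASE)
KEY_VALUE = re.compile(r"^[A-Za-z0-9_\-]{20,}$")          # long opaque token literal


@dataclass(frozen=True)
class Finding:
    kind: str
    line: int
    detail: str


def _dotted(node: ast.AST) -> str:
    """Flatten a Name/Attribute chain such as os.environ.get to 'os.environ.get', else ''."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return ".".join(reversed(parts))
    return ""


def _bind_target(call: ast.Call) -> str:
    """Describe the literal (host, port) tuple handed to a server class."""
    if call.args and isinstance(call.args[0], ast.Tuple) and len(call.args[0].elts) == 2:
        host, port = (getattr(e, "value", "?") for e in call.args[0].elts)
        scope = "loopback only" if host in ("127.0.0.1", "localhost", "::1") else "reachable from other hosts"
        return f"{host}:{port} ({scope})"
    return "bind address not a literal"


class SkillAuditor(ast.NodeVisitor):
    def __init__(self) -> None:
        self.findings: list[Finding] = []

    def _add(self, kind: str, node: ast.AST, detail: str) -> None:
        self.findings.append(Finding(kind, node.lineno, detail))

    def visit_Import(self, node: ast.Import) -> None:
        for alias in node.names:
            if alias.name.split(".")[0] in NETWORK_MODULES:
                self._add("network-module", node, alias.name)
        self.generic_visit(node)

    def visit_ImportFrom(self, node: ast.ImportFrom) -> None:
        module = node.module or ""
        if module.split(".")[0] in NETWORK_MODULES:
            self._add("network-module", node, module)
        self.generic_visit(node)

    def visit_Call(self, node: ast.Call) -> None:
        name = _dotted(node.func)
        attr = node.func.attr if isinstance(node.func, ast.Attribute) else ""
        first = node.args[0].value if node.args and isinstance(node.args[0], ast.Constant) else "?"
        if name in SUBPROCESS_CALLS:
            self._add("subprocess", node, f"{name}({first})")
        elif name in FS_DISCOVERY_CALLS or attr in FS_DISCOVERY_METHODS:
            self._add("fs-discovery", node, f"{name or attr}({first})")
        elif name in ENV_CALLS:
            self._add("env-read", node, str(first))
        elif name.rsplit(".", 1)[-1] in SERVER_CLASSES:
            self._add("listen", node, _bind_target(node))
        self.generic_visit(node)

    def visit_Subscript(self, node: ast.Subscript) -> None:
        # os.environ["NAME"] is an environment read as well.
        if _dotted(node.value) == "os.environ" and isinstance(node.slice, ast.Constant):
            self._add("env-read", node, str(node.slice.value))
        self.generic_visit(node)

    def visit_Assign(self, node: ast.Assign) -> None:
        value = node.value
        if isinstance(value, ast.Constant) and isinstance(value.value, str) and KEY_VALUE.match(value.value):
            for target in node.targets:
                if isinstance(target, ast.Name) and KEY_NAME.search(target.id):
                    self._add("hardcoded-secret", node, target.id)
        self.generic_visit(node)


def audit_source(source: str, filename: str = "<string>") -> list[Finding]:
    auditor = SkillAuditor()
    auditor.visit(ast.parse(source, filename))
    return sorted(auditor.findings, key=lambda f: f.line)


def summarize(findings: list[Finding]) -> dict[str, int]:
    return dict(Counter(f.kind for f in findings))


# Constructed sample resembling the behaviours the report describes; NOT the skill's real code.
SAMPLE_CONFIG = """\
import os, shutil, subprocess
from pathlib import Path
from http.server import HTTPServer, SimpleHTTPRequestHandler
import requests

AMAP_KEY = "0123456789abcdef0123456789abcdef"
workspace = os.environ.get("OPENCLAW_WORKSPACE")

def find_flyai():
    exe = shutil.which("flyai")
    if exe:
        return exe
    npm_bin = subprocess.check_output(["npm", "bin", "-g"], text=True).strip()
    for hit in Path.home().rglob("flyai"):
        return str(hit)
    return None

def serve():
    HTTPServer(("0.0.0.0", 9000), SimpleHTTPRequestHandler).serve_forever()
"""

if __name__ == "__main__":
    sources = {p: Path(p).read_text(encoding="utf-8") for p in sys.argv[1:]} or {"sample": SAMPLE_CONFIG}
    for path, src in sources.items():
        for f in audit_source(src, path):
            print(f"{path}:{f.line}: {f.kind}: {f.detail}")
```

Run it against the unpacked zip (`python audit_skill.py scripts/*.py`); with no arguments it audits the constructed sample. A `listen` finding whose host is not loopback, a `subprocess` or `fs-discovery` hit outside `config.py`, or any `network-module` import in the hotel-search-server is exactly what the local-servers and inspect-before-trusting points above ask you to confirm by hand. The scanner is a triage aid, not proof of absence: dynamic imports, `exec`, or code fetched at runtime will not show up, which is why a sandboxed first run is still recommended.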
Tags: ai-vision, flyai, geocoding, hotels, interactive, latest, maps, ocr, routing, server-management, travel, unique-id
