Flyai Travelmapify

Warn

Audited by ClawScan on May 10, 2026.

Overview

The skill mostly matches its travel-map purpose, but an included local proxy can let crafted web requests run shell commands on the user’s computer.

Do not run the bundled Amap proxy until the shell execution issue is fixed. If you still test the skill, use an isolated environment, bind services to localhost only, stop local servers afterward, and avoid providing sensitive travel images or private itinerary details.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If this proxy is running, a malicious local webpage or network request could potentially execute commands with the user’s privileges.

Why it was flagged

The HTTP query and city values are inserted into a shell command and executed with child_process.exec, so crafted input could break out of the intended command.

Skill content

const command = `cd "${amapMapsDir}" && AMAP_KEY="${amapKey}" node scripts/amap.js search text "${query}" ${city}`; ... exec(command, { timeout: 10000 }, ...)

Recommendation

Replace exec with spawn/execFile using an argument array, strictly validate q/city, quote nothing through a shell, bind only to 127.0.0.1, and add a local authorization/CSRF protection mechanism.

What this means

Other websites or clients may be able to trigger the local proxy unexpectedly while it is running.

Why it was flagged

The proxy accepts unauthenticated cross-origin HTTP requests and routes user-controlled parameters into a shell-backed geocoding helper.

Skill content

'Access-Control-Allow-Origin': '*', ... const query = parsedUrl.query.q; const city = parsedUrl.query.city || '重庆'; ... handleSearch(query, city, res);

Recommendation

Limit CORS to trusted origins, bind the service to localhost explicitly, require a local token for requests, and avoid exposing shell-backed operations over a permissive HTTP API.

What this means

Users have less registry-level information to verify where the code came from and what runtime components it needs.

Why it was flagged

The package contains runnable Python/Node files and depends on external tools, but registry provenance and install/dependency metadata are limited.

Skill content

Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.

Recommendation

Publish a source/homepage, declare required binaries and runtime services in metadata, and pin/document external dependencies clearly.

What this means

Local ports may stay open and serve map or hotel-search functionality until stopped.

Why it was flagged

The skill intentionally starts local services as part of its workflow; this is disclosed, but those services may remain active after the map is generated.

Skill content

Automatically start HTTP server on port 9000 ... Automatically start hotel search server on port 8770 ... Check if servers are already running

Recommendation

Run only when needed, stop the servers after use, and prefer localhost-only binding with clear shutdown instructions.

What this means

Itinerary details or travel-planning images may be sent to mapping, hotel-search, or vision providers.

Why it was flagged

Travel locations, hotel-search context, and possibly images are processed through external provider or agent capabilities as part of the intended workflow.

Skill content

Geocodes locations ... using Amap API ... Integrates real FlyAI hotel search ... Use agent's AI Vision capability to analyze travel planning images

Recommendation

Avoid submitting sensitive images or private travel details unless you are comfortable with the involved providers and their privacy terms.