Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Runrelay
v1.0.0Search and book flights, hotels, and travel via RunRelay API. Covers 300+ airlines including low-cost carriers (Ryanair, Wizz Air, EasyJet) that no other API...
⭐ 0· 303·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (travel search & booking) matches the SKILL.md examples. However the registry metadata lists no required environment variables or primary credential while SKILL.md explicitly instructs adding RUNRELAY_API_KEY and using it in Authorization headers. That metadata/manifest mismatch is an incoherence that should be resolved.
Instruction Scope
SKILL.md contains concrete curl examples that will transmit booking data (names, email, phone, birthDate) to external endpoints. Notable: hotel search uses https://runrelay-hotels.fly.dev without an Authorization header in the example, and multi-agent orchestration points to https://prefy.com — multiple different hosts will receive user data. The instructions do not ask the agent to read unrelated local files, but they do direct transmission of PII to multiple external services (one example appears unauthenticated), which raises privacy and provenance concerns.
Install Mechanism
This is instruction-only with no install spec and no code files, so nothing is written to disk or installed by the skill itself. That is the lowest-risk install model.
Credentials
The only credential implied by the instructions is RUNRELAY_API_KEY (added to ~/.openclaw/.env). The registry metadata, however, lists no required env vars or primary credential — a clear inconsistency. Aside from the single API key, the skill does not request other unrelated credentials, which is proportional, but the mismatch in declared vs. required credentials reduces trust.
Persistence & Privilege
The skill is not always-enabled, is user-invocable, and does not request persistent system privileges or modify other skills. Autonomous invocation is allowed by platform default but is not combined here with other troubling privileges.
What to consider before installing
Before installing, verify the following: (1) Confirm the RUNRELAY_API_KEY requirement — the registry should be updated to declare this as a required credential. (2) Verify the legitimacy of the domains used in SKILL.md (api.runrelay.io, runrelay-hotels.fly.dev, prefy.com). Ask the publisher whether runrelay-hotels.fly.dev and prefy.com are official partners and whether those endpoints require authentication and have appropriate privacy/data-retention policies. (3) Understand that booking calls will transmit passenger PII (names, email, phone, birth dates) — ensure you are comfortable sending that data to all listed hosts and that they use HTTPS and authentication. (4) Use a scoped test API key (not a production key) to evaluate behavior, and avoid storing keys in broadly-shared or production agent envs until provenance is confirmed. (5) If you need stronger assurance, ask the skill publisher to fix the metadata mismatch (declare RUNRELAY_API_KEY as a required env/primary credential) and to document which endpoints receive PII and which require auth. If the publisher cannot clarify, treat the skill as untrusted for handling real bookings or sensitive passenger data.Like a lobster shell, security has layers — review code before you run it.
latestvk979hk46nkpcs64h5kkqn50pvh825s42
License
MIT-0
Free to use, modify, and redistribute. No attribution required.