Back to skill
Skillv1.0.0
ClawScan security
Moltravel - The Travel Agent for AI Agents · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 2, 2026, 3:04 PM
- Verdict
- benign
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's declared purpose (travel planning) matches its instructions and requirements; it is an instruction-only MCP-based travel integration that does not ask for credentials or install code, but it routes user queries to an external MolTravel MCP server (privacy/third-party risk).
- Guidance
- This skill appears coherent for travel tasks, but it forwards queries to an external service (https://mcp.molttravel.com/mcp) that requires no authentication. Before installing, consider whether you trust that third party with any travel-related personal data the agent might include (passport country, travel dates, passenger names, frequent-flyer numbers, etc.). If you have privacy concerns: avoid sharing sensitive PII in prompts, verify the vendor (Navifare / molttravel.com) independently, or disable/limit the skill. If you need stronger guarantees, prefer integrations that require authenticated API keys or run on services you control.
Review Dimensions
- Purpose & Capability
- okName, description, and tool list all relate to travel (flights, visas, country info, activities). The skill requests no unrelated binaries, env vars, or config paths — this is proportionate for a travel agent integration.
- Instruction Scope
- noteSKILL.md instructs the agent to call a set of MCP tools (kiwi_search-flight, visa_check, peek_*, etc.) and to auto-route/format results. All referenced tools are declared and belong to travel domain. Caution: the instructions explicitly direct traffic to an external MCP endpoint (https://mcp.molttravel.com/mcp) and state 'no authentication required', so user queries (including any PII the agent includes) will be sent to that third-party service — this is expected functionality but a privacy consideration.
- Install Mechanism
- okNo install spec and no code files — instruction-only skill. Nothing is downloaded or written to disk by the plugin itself.
- Credentials
- okThe skill requires no environment variables, credentials, or config paths. This is consistent with the documented behavior (MCP server calls with no auth).
- Persistence & Privilege
- okalways:false and user-invocable:true (defaults) — the skill does not demand forced or permanent inclusion or elevated privileges. It does not request to modify other skills or system settings.