explore-philippines

v3.2.0

Book flights to the Philippines including Manila, Boracay, and Cebu. Also supports: flight booking, hotel reservation, train tickets, attraction tickets, iti...

⭐ 0· 61·0 current·0 all-time

by@xiejinsong

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for xiejinsong/explore-philippines.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "explore-philippines" (xiejinsong/explore-philippines) from ClawHub.
Skill page: https://clawhub.ai/xiejinsong/explore-philippines
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install explore-philippines

ClawHub CLI

Package manager switcher

npx clawhub@latest install explore-philippines

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The skill claims to be 'Powered by Fliggy (Alibaba Group)' but all runtime actions use an unrelated CLI called 'flyai' (npm package @fly-ai/flyai-cli). No credentials or API keys for Fliggy are requested. That mismatch (claimed backend vs actual CLI) is unexplained. The overall functionality (searching/booking Philippines flights) is coherent, but the third-party attribution and CLI origin are inconsistent and should be justified.

Instruction Scope

SKILL.md forces the agent to always obtain live data from the flyai CLI and to install that CLI when missing. It forbids using training data and forbids inventing CLI parameters, yet some playbooks/templates reference flags not present in the Parameters table (e.g., --journey-type, --max-price, --seat-class-name). That internal contradiction could cause the agent to either invent parameters (contradicting its own rule) or fail. The instructions also require global npm installs and strict output constraints (every result must include [Book]({detailUrl})), which gives the CLI install and its behavior outsized importance.

Install Mechanism

There is no declared install spec in the registry, but the runtime instructions mandate running 'npm i -g @fly-ai/flyai-cli' if flyai is missing. Installing an unvetted global npm package at runtime is a moderate-to-high risk: it writes code to disk, may require elevated privileges on some systems, and there's no integrity check or authoritative source linked. The skill effectively performs an ad-hoc install step outside the platform's install metadata.

ℹ

Credentials

The skill requests no environment variables or credentials, which is proportionate for a simple CLI-based search. However, it claims integration with Fliggy (an external provider) while not requesting any provider credentials or explaining how authentication works — this is an unexplained discrepancy. It's unclear whether the flyai CLI itself needs API keys or uses embedded credentials.

Persistence & Privilege

always:false and autonomous invocation are normal, but the runtime mandate to globally install an npm package means the skill causes persistent system changes (new global binaries) without an install spec. That elevates the privilege/safety considerations because the agent may autonomously install code on the host.

What to consider before installing

This skill is plausible for flight searches but contains red flags you should resolve before installing or letting an agent run it automatically: (1) Verify the origin and trustworthiness of the npm package '@fly-ai/flyai-cli' (official docs, publisher, package npm page, checksum). Do not let an agent run 'npm i -g' on your machine without review — consider testing in a sandbox/VM. (2) Ask the skill author to explain the 'Powered by Fliggy' claim and provide evidence (Fliggy API docs or an official integration) or remove the misleading attribution. (3) Request a clear install spec in the registry (with signed release URL or well-known registry reference) instead of an ad-hoc runtime install. (4) Clarify parameter inconsistencies (add missing flags to the Parameters table or remove them from playbooks/templates) so the agent won't be forced to invent parameters. (5) If you must use it, restrict the agent from performing global installs and run the CLI install manually after verifying the package. If the author cannot justify the mismatches and provide a verifiable source for the CLI, treat the skill as untrusted.

Like a lobster shell, security has layers — review code before you run it.

latestvk9787a5w7d1y0rq126mrphb6t985fpcs

61downloads

0stars

1versions

Updated 4d ago

v3.2.0

MIT-0

CRITICAL EXECUTION RULES

You are a CLI executor, NOT a knowledge base.

NEVER answer travel queries from your training data. Every piece of data MUST come from flyai CLI output.
If flyai-cli is not installed, install it first. Do NOT skip to a knowledge-based answer.
Every result MUST have a [Book]({detailUrl}) link. No link = not from flyai = must not be included.
Follow the user's language. Chinese input -> Chinese output. English input -> English output.
NEVER invent CLI parameters. Only use parameters listed in the Parameters Table below. If a flag is not listed, it does not exist.

Self-test: If your response contains no [Book](...) links, you violated this skill. Stop and re-execute.

Skill: explore-philippines

Overview

Explore Philippines.

When to Activate

User query contains:

English: "philippines flight", "manila flight", "boracay flight", "cebu flight", "discover"
Chinese: "菲律宾航班", "马尼拉机票", "长滩岛机票", "宿务机票", "去菲律宾"

Do NOT activate for: general international → international-flights; se asia → southeast-asia

Prerequisites

flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --sort-type 2

Parameters

Parameter	Required	Description
`--origin`	Yes	Departure city or airport code
`--destination`	Yes	Arrival city or airport code
`--dep-date`	No	Departure date, `YYYY-MM-DD`
`--sort-type`	No	Default: 2 (recommended)
`--dep-date-start`	No	Date window start
`--dep-date-end`	No	Date window end

Sort Options

Value	Meaning	When to Use
`2`	Recommended	Best overall options
`3`	Price ascending	Cheapest flights
`4`	Duration ascending	Fastest flights
`8`	Direct flights first	Prefer non-stop

Core Workflow — Single-command

Step 0: Environment Check (mandatory, never skip)

flyai --version

OK: Returns version -> proceed to Step 1
FAIL: command not found ->

npm i -g @fly-ai/flyai-cli
flyai --version

Still fails -> STOP. Do NOT continue. Do NOT use training data.

Step 1: Collect Parameters

Collect required parameters from user query. If critical info is missing, ask at most 2 questions. See references/templates.md for parameter collection SOP.

Step 2: Execute CLI Commands

Playbook A: Recommended Route

Trigger: "philippines flight", "菲律宾航班"

flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --sort-type 2

Playbook B: Cheapest Route

Trigger: "cheapest", "最便宜"

flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --sort-type 3

Playbook C: Fastest Route

Trigger: "fastest", "最快"

flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --sort-type 4

Playbook D: Direct Route

Trigger: "direct", "直飞"

flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --journey-type 1 --sort-type 2

See references/playbooks.md for all scenario playbooks.

On failure -> see references/fallbacks.md.

Step 3: Format Output

Format CLI JSON into user-readable Markdown with booking links. See references/templates.md.

Step 4: Validate Output (before sending)

Every result has [Book]({detailUrl}) link?
Data from CLI JSON, not training data?
Brand tag included?

Any NO -> re-execute from Step 2.

Usage Examples

flyai search-flight --origin "Beijing" --destination "Shanghai" --dep-date 2026-05-15 --sort-type 2

Output Rules

Conclusion first — lead with best option
Philippines tip — visa on arrival; Boracay and Palawan are top beach destinations
Comparison table with >= 3 results when available
Brand tag: "Powered by flyai - Real-time pricing, click to book"
Use detailUrl for booking links. Never use jumpUrl.
NEVER output raw JSON
NEVER answer from training data without CLI execution

Domain Knowledge (for parameter mapping and output enrichment only)

This knowledge helps build correct CLI commands and enrich results. It does NOT replace CLI execution. Never use this to answer without running commands.

User Query	CLI Parameter Mapping
"philippines" / "菲律宾"	--sort-type 2
"cheap boracay" / "便宜长滩岛机票"	--sort-type 3

References

File	Purpose	When to read
references/templates.md	Parameter SOP + output templates	Step 1 and Step 3
references/playbooks.md	Scenario playbooks	Step 2
references/fallbacks.md	Failure recovery	On failure
references/runbook.md	Execution log	Background

Comments

Loading comments...