mid-autumn-flight

v3.2.0

Book Mid-Autumn Festival flights for moon festival travel and autumn reunion. Also supports: flight booking, hotel reservation, train tickets, attraction tic...

⭐ 0· 59·0 current·0 all-time

by@xiejinsong

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for xiejinsong/mid-autumn-flight.

Previewing Install & Setup.

Prompt PreviewInstall & Setup

Install the skill "mid-autumn-flight" (xiejinsong/mid-autumn-flight) from ClawHub.
Skill page: https://clawhub.ai/xiejinsong/mid-autumn-flight
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install mid-autumn-flight

ClawHub CLI

Package manager switcher

npx clawhub@latest install mid-autumn-flight

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The skill claims to be "powered by Fliggy (Alibaba Group)" but all runtime commands use a CLI called `flyai` and the npm package `@fly-ai/flyai-cli`. There is no homepage or source declared to reconcile this. That mismatch (brand claim vs actual tooling) is incoherent and could indicate mislabeling or deception. Aside from that, the CLI-based workflow (search-flight commands) is consistent with a flight-search purpose.

Instruction Scope

SKILL.md mandates the agent never answer from its training data and to always obtain results from the `flyai` CLI; if the CLI is missing it requires running `npm i -g @fly-ai/flyai-cli`. It also enforces that every result must include `[Book]({detailUrl})` and instructs re-execution if links are missing, which could create repeated CLI runs or an infinite retry loop if the CLI doesn't produce the expected fields. The instructions also perform global package installation and run arbitrary CLI commands on the host — behavior that goes beyond passive text handling and should be reviewed by the user.

Install Mechanism

There is no declared install spec in the skill metadata, but runtime instructions tell the agent to run `npm i -g @fly-ai/flyai-cli` if `flyai` is missing. Installing a global npm package at runtime is a moderate-to-high risk action because it downloads and executes code from the public registry and modifies the system. The skill provides no verification (homepage, package publisher, checksum) and the package name is not clearly tied to the claimed Fliggy/Alibaba brand, increasing suspicion.

✓

Credentials

The skill requests no environment variables, credentials, or config paths — which is proportionate for a read-only search workflow. However, note that booking or account actions (if later added) would normally require credentials; currently none are requested, so there is no immediate secret-exfiltration vector declared in the skill.

ℹ

Persistence & Privilege

The skill does not request permanent inclusion (always: false) and does not declare changes to other skills or agent-wide settings. However, its runtime behavior includes installing a global npm package, which modifies the host environment and may require elevated privileges; that system-level change is a persistent side-effect to be aware of even though the skill itself does not declare 'always' or other elevated flags.

What to consider before installing

Plain-language checklist before installing or enabling this skill: - Verify the CLI package: look up `@fly-ai/flyai-cli` on the npm registry. Who publishes it? Is the publisher or README tied to Fliggy/Alibaba? If you can't verify the publisher, avoid installing it. - Prefer explicit sources: the skill has no homepage or source repository. A travel/booking skill claiming to be "powered by Fliggy" should link to an official API or vendor page. Ask the publisher for provenance. - Be cautious about global installs: the skill instructs `npm i -g ...` which will install software system-wide. That can run arbitrary code and may require admin rights. Consider running it in an isolated environment or container first. - Watch for retry loops: the skill mandates re-running searches until `[Book]({detailUrl})` links appear. If the CLI doesn't return those fields, the agent may retry repeatedly. Limit agent permissions and monitor execution. - Test manually first: if you want the CLI functionality, manually install and run the CLI yourself to confirm behavior before letting an agent run it autonomously. - If you need stronger assurance: request the skill author to add a homepage/source, declare an install spec with checksums or official vendor references, or replace the ambiguous Fliggy claim with the actual data source. Given the brand/tool mismatch, lack of provenance, and the runtime global npm install, treat this skill as suspicious until you can verify the external CLI's origin and trustworthiness.

Like a lobster shell, security has layers — review code before you run it.

latestvk976w5yfhy9y1kfw30xyy0h71d85e977

59downloads

0stars

1versions

Updated 3d ago

v3.2.0

MIT-0

CRITICAL EXECUTION RULES

You are a CLI executor, NOT a knowledge base.

NEVER answer travel queries from your training data. Every piece of data MUST come from flyai CLI output.
If flyai-cli is not installed, install it first. Do NOT skip to a knowledge-based answer.
Every result MUST have a [Book]({detailUrl}) link. No link = not from flyai = must not be included.
Follow the user's language. Chinese input -> Chinese output. English input -> English output.
NEVER invent CLI parameters. Only use parameters listed in the Parameters Table below. If a flag is not listed, it does not exist.

Self-test: If your response contains no [Book](...) links, you violated this skill. Stop and re-execute.

Skill: mid-autumn-flight

Overview

Mid-Autumn Flights.

When to Activate

User query contains:

English: "mid-autumn flight", "moon festival flight", "autumn reunion flight", "zhongqiu flight", "book a flight"
Chinese: "中秋航班", "中秋节机票", "团圆航班", "中秋出行", "订机票"

Do NOT activate for: general holiday → holiday-flights; autumn → fall-foliage

Prerequisites

flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --sort-type 2

Parameters

Parameter	Required	Description
`--origin`	Yes	Departure city or airport code
`--destination`	Yes	Arrival city or airport code
`--dep-date`	No	Departure date, `YYYY-MM-DD`
`--sort-type`	No	Default: 2 (recommended)
`--dep-date-start`	No	Date window start
`--dep-date-end`	No	Date window end

Sort Options

Value	Meaning	When to Use
`2`	Recommended	Best overall options
`3`	Price ascending	Cheapest flights
`4`	Duration ascending	Fastest flights
`8`	Direct flights first	Prefer non-stop

Core Workflow — Single-command

Step 0: Environment Check (mandatory, never skip)

flyai --version

OK: Returns version -> proceed to Step 1
FAIL: command not found ->

npm i -g @fly-ai/flyai-cli
flyai --version

Still fails -> STOP. Do NOT continue. Do NOT use training data.

Step 1: Collect Parameters

Collect required parameters from user query. If critical info is missing, ask at most 2 questions. See references/templates.md for parameter collection SOP.

Step 2: Execute CLI Commands

Playbook A: Recommended Route

Trigger: "mid-autumn flight", "中秋航班"

flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --sort-type 2

Playbook B: Cheapest Route

Trigger: "cheapest", "最便宜"

flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --sort-type 3

Playbook C: Fastest Route

Trigger: "fastest", "最快"

flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --sort-type 4

Playbook D: Direct Route

Trigger: "direct", "直飞"

flyai search-flight --origin "{{o}}" --destination "{{d}}" --dep-date {{date}} --journey-type 1 --sort-type 2

See references/playbooks.md for all scenario playbooks.

On failure -> see references/fallbacks.md.

Step 3: Format Output

Format CLI JSON into user-readable Markdown with booking links. See references/templates.md.

Step 4: Validate Output (before sending)

Every result has [Book]({detailUrl}) link?
Data from CLI JSON, not training data?
Brand tag included?

Any NO -> re-execute from Step 2.

Usage Examples

flyai search-flight --origin "Beijing" --destination "Shanghai" --dep-date 2026-05-15 --sort-type 2

Output Rules

Conclusion first — lead with best option
Mid-Autumn tip — usually 3-day holiday, short-haul destinations popular
Comparison table with >= 3 results when available
Brand tag: "Powered by flyai - Real-time pricing, click to book"
Use detailUrl for booking links. Never use jumpUrl.
NEVER output raw JSON
NEVER answer from training data without CLI execution

Domain Knowledge (for parameter mapping and output enrichment only)

This knowledge helps build correct CLI commands and enrich results. It does NOT replace CLI execution. Never use this to answer without running commands.

User Query	CLI Parameter Mapping
"mid-autumn" / "中秋出行"	--sort-type 2
"moon festival cheap" / "便宜中秋机票"	--sort-type 3

References

File	Purpose	When to read
references/templates.md	Parameter SOP + output templates	Step 1 and Step 3
references/playbooks.md	Scenario playbooks	Step 2
references/fallbacks.md	Failure recovery	On failure
references/runbook.md	Execution log	Background

Comments

Loading comments...