Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Search Morning Flights — Early Departures, Dawn Flights, First Flight Out, AM Flight Deals
v3.2.0
Find the earliest departing flights of the day — maximize your day at the destination by arriving before noon. Sorted by departure time. Also supports: fligh...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence
Purpose & Capability
The skill's name/description (search morning flights) coheres with its runtime behavior (run a flight-search CLI). However, the description mentions being "powered by Fliggy (Alibaba Group)" while the concrete CLI is @fly-ai/flyai-cli — a branding/integration inconsistency worth verifying. Also, the SKILL.md requires installing a global npm package even though the skill metadata contains no install spec; that mismatch is unexpected.
Instruction Scope
Runtime instructions mandate always using flyai CLI output (never use training data), require installing the CLI if missing, and enforce output formatting and the inclusion of booking links. The runbook instructs persisting an execution log including the raw user_query and CLI commands to .flyai-execution-log.json if file writes are available — this writes user data to disk. Fallbacks explicitly suggest using sudo to install the CLI. These behaviors go beyond simply querying an API and introduce data persistence and privilege-escalation suggestions.
Install Mechanism
There is no formal install spec in the skill metadata, yet the SKILL.md requires running `npm i -g @fly-ai/flyai-cli` (and falls back to `sudo npm i -g ...` if it fails). That means the skill effectively requires downloading and installing a third‑party npm package globally at runtime, which is higher risk than an instruction-only skill and should be audited before installation.
Credentials
The skill does not request environment variables or credentials (proportionate for a search helper). However, it will log the 'user_query' and CLI commands to a local file if possible; those logs can contain sensitive inputs. The skill also implicitly requires network access to the flyai service via the CLI.
Persistence & Privilege
Although always:false (no forced inclusion), the skill's instructions lead to persistent changes: global npm package installation and optional logfile writes in the working directory. The fallback advice to use sudo for installation increases privilege escalation risk if followed.
What to consider before installing
This skill looks coherent with its stated purpose but has several practical risks you should consider before enabling it:
(1) it requires installing a third-party npm package globally (@fly-ai/flyai-cli) even though the skill metadata lacks an install spec — audit that package on npm (source code, maintainer, recent releases) before installing;
(2) the instructions explicitly suggest using sudo if installation fails — avoid running sudo on untrusted packages;
(3) the skill may write an execution log (.flyai-execution-log.json) containing the raw user query and CLI commands to disk — that could store sensitive information;
(4) branding/integration inconsistency (mentions Fliggy but uses flyai CLI) should be clarified.
Safer options: run the flyai CLI yourself in an isolated environment (or a sandbox VM/container) and provide the results to the agent, or ask the skill author for proof of the @fly-ai/flyai-cli package source and for the install to be documented in the skill metadata. If you must install, review the package code and avoid using sudo/global installs on production machines.
Like a lobster shell, security has layers — review code before you run it.
