Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

airport-pickup-service

v1.0.0

Book airport transfer services — private cars, shared shuttles, and limo services for comfortable, stress-free arrivals and departures. Also supports: flight...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Pending
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (airport pick-up and related booking) matches the runtime instructions: all core workflows call the @fly-ai/flyai-cli to perform real-time searches and return booking links. Requesting the flyai CLI is proportionate to the declared purpose.
Instruction Scope (flagged)
SKILL.md tightly constrains answers to CLI output only (no training-data answers) and mandates re-execution until every result includes a [Book]({detailUrl}) link. That is coherent but prescriptive. The references/runbook.md also instructs logging every request and suggests appending JSON to .flyai-execution-log.json if filesystem writes are available — this causes persistent writes of full user queries and CLI call metadata (which may include PII) without explicit user consent or retention policy. The skill also instructs the agent to automatically install the CLI if missing, giving it permission to modify the host environment.
Install Mechanism
There is no packaged install spec, but the SKILL.md requires running `npm i -g @fly-ai/flyai-cli` if the CLI is missing. Installing a global npm package is a legitimate but non-trivial side effect: it creates system-wide artifacts and executes third-party code. The skill does not provide provenance or verify the package source beyond the package name, so installing it automatically is a moderate risk.
Credentials
The skill does not request any environment variables, credentials, or config paths. That is proportionate to its stated purpose. However, the runbook/logging behavior could capture sensitive environment-derived data in logs (user queries, CLI outputs), so data exposure risk comes from logging rather than requested secrets.
Persistence & Privilege (flagged)
Although the skill is not marked 'always:true', its instructions permit persistent side effects: global npm package installation and optional on-disk append of .flyai-execution-log.json. Both create artifacts that persist beyond a single invocation. The skill also encourages repeated CLI invocations and re-execution until validation rules are met, increasing the chance of persistent data capture. These behaviors warrant user review before installation.
What to consider before installing
This skill is internally consistent with its goal (it delegates booking to a flyai CLI), but it asks the agent to install a global npm package and suggests writing an execution log file that could store full user queries and CLI results. Before installing or allowing autonomous runs:
1) Verify the authenticity of @fly-ai/flyai-cli on npm/GitHub and inspect its code or maintainers.
2) Prefer manual installation of the CLI (run `npm i -g @fly-ai/flyai-cli` yourself) rather than having the agent install it.
3) Ask the skill author where logs will be stored and how long they are retained, or disable/redirect logging to a safe location.
4) If queries may contain sensitive data (passports, PII), avoid automatic logging or run the skill in a sandboxed environment.
If you cannot verify the CLI package or are uncomfortable with on-disk logging, treat this skill cautiously or decline to install.


latest: vk97bk8t844fj83w0yztys7vdbs842mmf

