Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Beachfront Resort Finder

v3.2.0

Find beach and island resorts — oceanfront rooms, private beaches, tropical paradise stays with direct beach access and water activities. Also supports: flig...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description align with the runtime instructions: the skill consistently delegates searches to the flyai CLI (Fliggy integration). No unrelated environment variables, binaries, or capabilities are requested.
Instruction Scope
Runtime instructions are narrowly scoped to using the flyai CLI and formatting its JSON output. However, the SKILL mandates installing @fly-ai/flyai-cli if missing, insists that all responses come only from the CLI, and includes a runbook that logs request_id, user_query, and CLI commands, and may write .flyai-execution-log.json to disk. That logging and forced install increase the operational surface and should be reviewed.
Install Mechanism
Although the registry entry has no formal install spec, the SKILL.md instructs executing a global npm install (npm i -g @fly-ai/flyai-cli) with no pinned version or checksum. Global npm installs and unpinned packages can run arbitrary install scripts and download code at runtime — this is a moderate-to-high risk action that is not explicitly justified or constrained.
Credentials
The skill declares no required env vars or credentials. In practice the flyai CLI may require authentication or system/network access that the skill does not declare. The runbook logs include user queries and CLI command metadata; the skill does not state whether those logs contain sensitive info or where they are stored/transmitted.
Persistence & Privilege
always:false and no system-wide config changes are requested. The runbook suggests appending execution logs to .flyai-execution-log.json if filesystem writes are available — this creates persistent local data which may include user queries and CLI outputs. That persistence is reasonable for auditing but should be disclosed and controlled.
What to consider before installing
This skill appears to do what it claims, but it depends on a third-party npm CLI that the skill will install and run. Before installing or invoking the skill:

1. Review the @fly-ai/flyai-cli package (source repository, maintainer, recent versions, and postinstall scripts); prefer a pinned version rather than an unpinned global install.
2. Confirm what credentials (if any) the CLI requires and whether those credentials would be stored locally or transmitted.
3. Be comfortable with the skill writing a local log file (.flyai-execution-log.json) that may contain your queries and command outputs.
4. Consider running the CLI in a sandboxed environment, or perform the npm install manually so you can inspect it.
5. If you need higher assurance, ask the skill author for the CLI repo URL, a release checksum, or a signed release before proceeding.
