Back to skill
Skillv3.2.0
VirusTotal security
Plan Dubai Travel — Flights, Hotels, Burj Khalifa, Desert Safari, Malls & Itineraries · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 13, 2026, 12:21 PM
- Hash
- 4c54b2043c732cb90a860dfccd2654e19873b1ba3d4e20b7a11d4a7fd7c9b74e
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: dubai-travel Version: 3.2.0 The skill requires the agent to perform a global installation of a third-party CLI tool (`npm i -g @fly-ai/flyai-cli`) and execute various shell commands, which are high-risk operations. While these actions are aligned with the stated purpose of travel planning via the Fliggy/Alibaba platform, they introduce significant supply chain and local execution risks. The instructions in SKILL.md and references/fallbacks.md mandate that the agent must install and use this specific CLI, creating a dependency on an external package that could be used for remote code execution.
- External report
- View on VirusTotal