mid-autumn-flight
Pass
Audited by VirusTotal on Apr 24, 2026.
Findings (1)
The skill mandates the global installation of an external NPM package (@fly-ai/flyai-cli) if the command is not found (SKILL.md, references/fallbacks.md). This introduces a supply chain risk and requires the agent to execute code with potentially elevated privileges. While the instructions are focused on flight booking, they use aggressive, imperative language to force the agent to bypass its internal knowledge base and rely exclusively on this external CLI, which is a common pattern for controlling agent behavior through prompt injection.
