Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Quick Getaway

v3.2.0

Plan a complete 3-day, 2-night trip — optimal pacing with morning activities, afternoon exploration, and evening dining experiences. Also supports: flight bo...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description (3-day trip planning, booking links, Fliggy integration) align with the SKILL.md: it consistently instructs the agent to use a travel-focused CLI (flyai) for flights, hotels, POIs, and booking links.
Instruction Scope
All runtime instructions are directive and self-contained: they require using the flyai CLI for all data, enforce that every result includes a booking link, and forbid using training data. This is strict but consistent with a real-time booking integration. However, the 'never use training data' rule and the enforced re-execution/self-test could cause repeated CLI calls or loops if the CLI fails or returns partial data.
Install Mechanism
The SKILL.md instructs installing @fly-ai/flyai-cli globally via npm (npm i -g @fly-ai/flyai-cli). Installing a global npm package executes remote code from the npm registry — a reasonable approach for a CLI dependency but higher-risk without an official source/metadata or homepage. The skill registry metadata lacks a homepage or verifiable publisher, increasing the risk of installing an untrusted CLI.
Credentials
The skill does not request environment variables, credentials, or access to unrelated services. That is proportionate to a client-side CLI-driven travel planner.
Persistence & Privilege
The runbook suggests appending execution logs to .flyai-execution-log.json if filesystem writes are available. Writing local logs is plausible for an execution trace, but it may persist sensitive user queries or parameters on disk without explicit user consent.
Scan Findings in Context
[no_code_files] expected: No code files were present; the skill is instruction-only (SKILL.md). The regex scanner had nothing to analyze, which is expected for this format but means runtime behavior depends entirely on the CLI the skill instructs you to install.
What to consider before installing
This skill is internally consistent for planning a 3-day trip, but exercise caution before installing or letting an agent install the required CLI. Key checks:
1) Verify the @fly-ai/flyai-cli package and publisher on npm (or prefer manual installation) and confirm it is an official Fliggy/Alibaba tool if you care about provenance.
2) Be aware the skill asks the agent to run npm i -g (global install), which executes remote code.
3) The skill may write an execution log (.flyai-execution-log.json) containing your queries/parameters; if this is sensitive, run in a sandbox or disable log persistence.
4) If you do not trust the CLI/publisher or cannot review the package, decline to install and ask the agent to provide guidance that does not depend on the external CLI.
