Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Rafting Spots
v3.2.0Find whitewater rafting, river tubing, and water adventure experiences. From gentle family floats to extreme rapids. Also supports: flight booking, hotel res...
⭐ 0· 37·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description promise travel search and booking (rafting, flights, hotels, visas, etc.) while the SKILL.md and playbooks only show flyai CLI commands for POI search (rafting). Requiring the flyai CLI is plausible for a Fliggy-powered travel integration, but the broader features claimed (flight/hotel booking, visa, insurance) are not demonstrated in the instructions or parameter table, creating a scope mismatch.
Instruction Scope
Runtime instructions require installing and running the third-party flyai CLI and insist every response come solely from its output. The runbook suggests optionally writing an execution log ('.flyai-execution-log.json') to disk. The skill does not instruct reading arbitrary system files or environment variables, which is good, but it omits how the CLI authenticates (no declared auth steps or env vars). The strict 'never answer from training data' + mandatory re-execution loop could encourage repeated network calls and automatic outbound requests.
Install Mechanism
No install spec file is included, but SKILL.md instructs a global npm install (npm i -g @fly-ai/flyai-cli). Installing an npm package globally is a common integration approach but has moderate risk: it executes code from the npm registry on the host and modifies global binaries. The skill does not point to the npm package page or a vetted source, so verifying package provenance before installing is recommended.
Credentials
The skill declares no required environment variables or credentials, yet any real third-party CLI that queries booking/pricing APIs will usually require authentication (API keys, login, or config). The absence of declared credential requirements is an omission: the CLI may prompt for credentials, use existing local config, or require env vars not documented here. That ambiguity increases risk because the skill may depend on or request sensitive credentials at runtime.
Persistence & Privilege
The skill is not always-on and does not request elevated platform privileges. It may write an execution log to the current directory ('.flyai-execution-log.json') if filesystem writes are available. This is limited persistence and scoped to the working directory, but you should be aware logs may contain query/response data and could persist locally.
What to consider before installing
Before installing or enabling this skill: 1) Verify the @fly-ai/flyai-cli npm package on the npm registry (author, weekly downloads, source repo, recent commits) to ensure it's the expected vendor and not a typo-squatted package. 2) Ask the skill author or vendor how the CLI authenticates and whether any API keys or account logins are required; do not provide credentials until you understand storage and scope. 3) Prefer installing the CLI in an isolated environment (container, VM, or sandbox) rather than globally on your main machine. 4) Expect the skill to make outbound calls to flyai/Fliggy services and to possibly write a local .flyai-execution-log.json file containing queries/results—review that file policy. 5) Note the description claims broader booking features (flights/hotels/visa) but the instructions only show POI search; request clarification or examples of booking commands before trusting the skill for transactions.Like a lobster shell, security has layers — review code before you run it.
latestvk97fezabad1rzq48q00aq7v4gs84ndn8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.