Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Return Flights
v3.2.0
Search and compare round-trip flights with return date. Shows total cost for both legs, compares bundled vs separate booking to find the cheapest combination...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw verdict: Suspicious (medium confidence)
Purpose & Capability
The SKILL.md's commands consistently target a CLI called flyai (npm package @fly-ai/flyai-cli) to search and compare round-trip flights, which aligns with the stated primary purpose. However, the top-level description also advertises many extra services (hotel, train, visa, travel insurance, 'Powered by Fliggy (Alibaba Group)') that are not demonstrated or justified in the instructions; the branding (Fliggy) does not match the flyai CLI shown in commands. This mismatch is unexplained.
Instruction Scope
The instructions mandate always using the flyai CLI and explicitly forbid answering from training data, forcing installation if missing. The runbook instructs writing an execution log to .flyai-execution-log.json (echo '... >> .flyai-execution-log.json') which persists user queries and CLI results locally. The skill also enforces output rules (book links, brand tag) and a self-test that could cause repeated CLI re-execution if not satisfied. These behaviors expand scope beyond just looking up flights (local persistence, install steps, re-execution loops).
Install Mechanism
No formal install spec is included in registry metadata, but SKILL.md instructs installing a global npm package (npm i -g @fly-ai/flyai-cli) and even suggests sudo as a fallback. Installing arbitrary global npm packages carries risk (runs code from the npm registry with broad access). The skill does not provide a verified source URL, package checksum, or repository to validate the package's origin or contents.
Credentials
The skill requests no environment variables or external credentials in metadata. However, it will process and persist user queries and CLI JSON results (potentially including personal data) to a local log file per the runbook. There are no explicit requests for unrelated secrets, which is good, but the implicit data persistence was not declared in the registry metadata.
Persistence & Privilege
always:false (normal). Still, the runbook prescribes creating a persistent execution log file (.flyai-execution-log.json) if filesystem writes are available. The skill does not declare or explain this file in metadata or request explicit user consent. The installer recommendation to run npm -g (and sudo fallback) increases privilege requirements for operation.
What to consider before installing
Before installing or using this skill:
1) Verify the publisher and obtain the flyai-cli package repository (GitHub/npm package page) and inspect its code or the package maintainer — do not blindly run npm i -g without verification.
2) Prefer installing the CLI in a sandbox or local (non-global) environment; avoid using sudo.
3) Ask the skill author to explain the Fliggy/Alibaba branding and provide a homepage or source repo — the current metadata lacks provenance.
4) Be aware the skill's runbook instructs writing a local log file (.flyai-execution-log.json) that will store user queries and CLI responses (possible PII); decide if that is acceptable.
5) If you need assurance, request the skill be updated to: a) include a verified package URL and checksum; b) avoid global/sudo installs or provide a contained install option; c) declare and make explicit any local persistence; and d) remove the directive that forbids answering from training data (or explain why).
Providing the package source or example CLI outputs would materially change this assessment.
