Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Week Trip
v3.2.0Plan an epic 7-day vacation — multi-city routes, intercity transportation, hotel transitions, and balanced daily itineraries for a full week of adventure. Al...
⭐ 0· 40·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill claims to plan week-long trips and instructs the agent to use the flyai CLI for flights, hotels, POI searches and booking links. Requiring a booking-capable CLI is coherent with the stated purpose.
Instruction Scope
SKILL.md requires the agent to: (a) rely exclusively on flyai CLI output (never use model knowledge), (b) auto-install the @fly-ai/flyai-cli if missing, and (c) enforce every result include a [Book](...) link. The runbook also instructs writing a persistent execution log (.flyai-execution-log.json) containing raw user_query and steps if file system writes are available. Persisting user queries and CLI results is outside the explicit skill metadata and can capture sensitive input. The self-test/re-execute loop requirement increases the chance of repeated network calls/installs if outputs don't match the strict template.
Install Mechanism
There is no formal install spec in the registry metadata, but the skill's runtime instructions mandate npm i -g @fly-ai/flyai-cli. Installing a global npm package at runtime causes third-party code to be downloaded and run on the host (moderate risk). The package name is a normal npm-style install (traceable) rather than an arbitrary URL, but automatic global installs should be treated cautiously and ideally require explicit user approval.
Credentials
The skill declares no required environment variables or credentials, which is reasonable for a read-only planner that returns booking links. However, the runbook's log schema includes request_id, user_query and other fields that may contain sensitive info; these are not declared as persisted artifacts. Also, the skill claims booking/reservation capability but does not request payment/auth credentials — it appears to rely on external booking links rather than performing bookings itself (this is plausible but worth confirming).
Persistence & Privilege
The skill's runbook explicitly recommends appending an execution log to .flyai-execution-log.json if filesystem writes are available. That creates persistent local records of user queries, CLI commands, and results. This persistent logging behavior is not described in the registry metadata and could retain sensitive user input. The skill does not request elevated platform privileges, but local persistence without explicit user consent is a notable privacy concern.
What to consider before installing
This skill is coherent with travel planning but contains two operational risks you should weigh before installing: (1) it will auto-install and invoke a third‑party npm CLI (@fly-ai/flyai-cli) if that binary is missing — installing global npm packages runs unreviewed code from the npm registry and may require elevated permissions; (2) it suggests writing a persistent execution log (.flyai-execution-log.json) containing user queries and CLI outputs to disk. Before installing, consider: - Do you trust the @fly-ai/flyai-cli package and its publisher? Check the package page, source repo, and recent maintainer activity. - Run the CLI in a sandbox or ask for an option to decline auto-install; prefer manual installation with consent. - Confirm whether persistent logs will be created and where; if unwanted, run the skill in an environment where filesystem writes are blocked or review the skill to remove the logging step. - Be aware the skill forces strict reliance on real‑time CLI results and may re-run commands until output matches a template, which can increase network activity. If you want, I can list specific questions to ask the skill author or suggest a safer workflow (e.g., run the CLI yourself and paste results) to avoid automatic installs and local persistence.Like a lobster shell, security has layers — review code before you run it.
latestvk97d1sty30y2yh7ge2e8k67jm184p3js
License
MIT-0
Free to use, modify, and redistribute. No attribution required.