Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

fliggy-trip-planner

v1.0.1

Intelligent itinerary planner that integrates flight, hotel and attraction data to generate a complete travel plan in one step. Use this skill when the user needs to plan a travel itinerary, draw up a tourism plan, arrange a vacation, or asks questions such as "where should I go" or "how should I arrange my itinerary".

by 厉云涵 (@yunhanli7)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description say it will aggregate flights, hotels, POIs and generate itineraries using flyai; the SKILL.md purely uses flyai CLI commands (search-flight, search-hotel, search-poi) consistent with that purpose.
Instruction Scope
The instructions explicitly tell the agent to detect and, if missing, install a global npm package (@fly-ai/flyai-cli) and then run CLI commands. That grants the skill broad runtime actions (network download, global install, execution of an arbitrary CLI) beyond simple local computation. The SKILL.md also instructs the agent to 'wait for installation' and to always rely on flyai real-time data, which increases dependence on that external binary. There are no instructions limiting or verifying the install (no checksum, no official homepage), and no guidance about sandboxing or user confirmation.
Install Mechanism
The repository contains no formal install spec, but the runtime instructions call for 'npm i -g @fly-ai/flyai-cli' if the binary is absent. Global npm installs pull code from the public registry and can run arbitrary postinstall scripts — a non-trivial supply-chain risk. The skill metadata does not provide a trusted source, homepage, or integrity checks for this package.
Credentials
The skill declares no environment variables or credentials — that aligns with its metadata. However, the external CLI it installs may itself request credentials or access tokens at runtime (not declared in the skill). Because the skill delegates data access to that third-party CLI, hidden credential prompts or config changes are possible even though the skill doesn't declare them.
Persistence & Privilege
The always flag is false and the skill is user-invocable only. The skill does ask to install a global binary (which persists on the host), but there is no metadata requesting permanent platform privileges or modifications to other skills' configs.
What to consider before installing
This skill appears to do what it says (use flyai to build itineraries), but it requires installing and running an external npm CLI from an unknown source at runtime. That CLI will be downloaded and installed globally and can execute arbitrary code or request credentials. Before installing or running this skill:
(1) ask the publisher for the official flyai package homepage, npm package link, and a checksum or signed release;
(2) inspect the @fly-ai/flyai-cli package contents (or run it) in a sandbox/container first rather than allowing a global install on your machine;
(3) prefer an installation with explicit provenance (GitHub releases, vendor site) and integrity checks;
(4) be prepared that the CLI may request API tokens or store config locally, and do not provide unrelated credentials;
(5) if you cannot verify the flyai package, treat this skill as high-risk and avoid installing it on sensitive systems.

