Flight/Hotel/Travel Price-Drop Monitoring Assistant (机票/酒店/旅行降价监控助手)
Warn
Audited by ClawScan on May 10, 2026.
Overview
The skill's price alerts are coherent, but its documented auto-booking and recurring background monitor can spend money or keep acting without enough stated safeguards.
Use this skill for notifications only unless you are comfortable granting automatic booking authority. Before enabling auto_book, require a final confirmation step, verify the exact account/payment method and refund terms, and make sure you can view and cancel the scheduled monitor.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
It could book a flight, hotel, or travel product when a threshold is met without the user reviewing the final itinerary, fees, refund terms, or payment details.
The skill instructs the agent to place an order automatically after a price check. Travel booking can spend money and lock in dates, but the artifact does not require a just-in-time user confirmation, total-price-with-fees cap, passenger/payment selection, refundability check, or cancellation review.
If current_price <= target_price: ... if auto_book=true and inventory is sufficient, attempt to place the order automatically
Keep auto_book off by default and require explicit final confirmation showing total price, dates, travelers, refund/cancel terms, account/payment source, and the exact action before any order is placed.
A background monitor may continue checking prices or trigger later actions after the user forgets about it or after the intended monitoring window.
The skill creates recurring autonomous agent turns. Recurring monitoring is central to the purpose, but the artifact does not clearly specify job deletion after success/deadline or provide a concrete cancel/inspect workflow.
Use qoder_cron to create a cron task that checks every 4 hours ... payload ... kind: agentTurn
Return a visible job ID, show the stored schedule, provide cancel/pause/delete instructions, and automatically remove the job after success, expiry, or user cancellation.
The agent may rely on an existing account session or tool privilege for booking without the user understanding the exact account, payment method, or authorization scope.
The metadata does not declare a credential or account boundary, while the skill's documented behavior includes automatic Fliggy booking. Users cannot tell which account/session/payment authority would be used or what permissions are needed.
Primary credential: none; Required env vars: none; Required config paths: none
Declare the required account/credential model and scope it narrowly; require the user to choose the account/payment method and confirm delegated authority before any booking-capable workflow runs.
The safety of the actual search, booking, and scheduler behavior depends on tools not included in this review.
The skill depends on external flyai and qoder_cron capabilities, but the artifact set contains no code/install spec to review and the registry declares no required binaries. This is an operational/provenance gap, not evidence of malicious code by itself.
Call the corresponding flyai command to get the current price ... use qoder_cron to create a cron task
Document the exact tool providers, permissions, versions, and expected prompts/actions for flyai and qoder_cron before users rely on automatic booking.
Your travel plans and price targets may remain stored in the scheduler until a cleanup occurs.
The scheduled task persists user travel details, target price, deadline, and future action instructions so the monitor can run later. This is purpose-aligned, but retention and deletion behavior are not described.
message: 检查商品 {item_url或搜索关键词} 当前价格... 截止日期{deadline}... auto_book={true/false}
Minimize stored details, show users what is saved, and automatically delete the stored task data after success, expiry, or cancellation.
