中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 0/100
Last scan:1 day ago Rescan
0 /100
flyai-destination-substitute
平替旅行家——想去A太贵?帮你找平替!AI理解用户向往某个目的地的核心体验元素,然后在更近/更便宜的目的地中找到能提供相似体验的平替方案。
A legitimate Chinese travel planning skill (平替旅行家) that helps users find budget alternatives to expensive destinations. Contains only markdown documentation with no executable code.
Skill Nameflyai-destination-substitute
Duration37.6s
Enginepi
Safe to install
No action required. The skill is safe to use as documented.
ResourceDeclaredInferredStatusEvidence
Filesystem NONE READ+WRITE ✓ Aligned reference/user-profile-storage.md:62 - writes to ~/.flyai/user-profile.md
Shell NONE EXEC ✓ Aligned reference/workflow.md:4 - npm install -g @fly-ai/flyai-cli; reference/tools.md:1…
Network NONE READ ✓ Aligned reference/workflow.md:21 - registry.npmjs.org for npm packages only
Environment NONE NONE No os.environ access detected
4 findings
🔗
Medium External URL 外部 URL
https://img.alicdn.com/...
reference/search-hotel.md:44
🔗
Medium External URL 外部 URL
https://img.alicdn.com/tfscom/...
reference/search-poi.md:32
🔗
Medium External URL 外部 URL
https://nodejs.org/
reference/workflow.md:19
🔗
Medium External URL 外部 URL
https://registry.npmmirror.com
reference/workflow.md:21

File Tree

14 files · 34.1 KB · 1068 lines
Markdown 14f · 1068L
├─ 📁 reference
│ ├─ 📝 ai-search.md Markdown 26L · 659 B
│ ├─ 📝 examples.md Markdown 48L · 1.7 KB
│ ├─ 📝 keyword-search.md Markdown 53L · 1.6 KB
│ ├─ 📝 search-flight.md Markdown 87L · 3.0 KB
│ ├─ 📝 search-hotel.md Markdown 57L · 1.8 KB
│ ├─ 📝 search-marriott-hotel.md Markdown 54L · 1.8 KB
│ ├─ 📝 search-marriott-package.md Markdown 40L · 995 B
│ ├─ 📝 search-poi.md Markdown 47L · 2.2 KB
│ ├─ 📝 search-train.md Markdown 77L · 2.6 KB
│ ├─ 📝 self-learning.md Markdown 19L · 450 B
│ ├─ 📝 tools.md Markdown 34L · 782 B
│ ├─ 📝 user-profile-storage.md Markdown 187L · 4.1 KB
│ └─ 📝 workflow.md Markdown 233L · 8.4 KB
└─ 📝 SKILL.md Markdown 106L · 4.3 KB

Security Positives

✓ Contains only markdown documentation files with no executable code
✓ All filesystem operations are explicitly documented (user profile storage in ~/.flyai/)
✓ CLI tool usage (FlyAI) is fully documented with installation commands
✓ No credential theft, data exfiltration, or obfuscation techniques present
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ NODE_TLS_REJECT_UNAUTHORIZED=0 flag documented as workaround for internal API
✓ User data remains local without external transmission
✓ No hidden functionality or documentation mismatch