中文 EN

Scan Report

Scan New Files

Trusted — Risk Score 0/100
Last scan:1 day ago Rescan
0 /100
flyai-destination-pk
目的地PK对比助手,帮助用户在2-3个纠结的目的地之间快速做出选择
This is a legitimate travel destination comparison skill with no executable code, only documentation. All bash operations are documented CLI invocations for the @fly-ai/flyai-cli package.
Skill Nameflyai-destination-pk
Duration24.9s
Enginepi
Safe to install
No action needed. This skill is safe to use.
ResourceDeclaredInferredStatusEvidence
Filesystem READ READ ✓ Aligned SKILL.md: reads ~/.flyai/user-profile.md for user preferences
Shell WRITE WRITE ✓ Aligned SKILL.md: documents npm install -g @fly-ai/flyai-cli and flyai CLI commands
Network NONE NONE No network calls; relies on local CLI which handles its own API calls
Environment NONE NONE No environment variable access
Skill Invoke NONE NONE No cross-skill invocation
Clipboard NONE NONE No clipboard access
Browser NONE NONE No browser automation
Database NONE NONE No database access
4 findings
🔗
Medium External URL 外部 URL
https://nodejs.org/
reference/core-workflow.md:19
🔗
Medium External URL 外部 URL
https://registry.npmmirror.com
reference/core-workflow.md:21
🔗
Medium External URL 外部 URL
https://img.alicdn.com/...
reference/search-hotel.md:44
🔗
Medium External URL 外部 URL
https://img.alicdn.com/tfscom/...
reference/search-poi.md:32

File Tree

13 files · 31.8 KB · 1025 lines
Markdown 13f · 1025L
├─ 📁 reference
│ ├─ 📝 ai-search.md Markdown 26L · 659 B
│ ├─ 📝 core-workflow.md Markdown 211L · 6.5 KB
│ ├─ 📝 examples.md Markdown 36L · 1.6 KB
│ ├─ 📝 keyword-search.md Markdown 53L · 1.6 KB
│ ├─ 📝 search-flight.md Markdown 87L · 3.0 KB
│ ├─ 📝 search-hotel.md Markdown 57L · 1.8 KB
│ ├─ 📝 search-marriott-hotel.md Markdown 54L · 1.8 KB
│ ├─ 📝 search-marriott-package.md Markdown 40L · 995 B
│ ├─ 📝 search-poi.md Markdown 47L · 2.2 KB
│ ├─ 📝 search-train.md Markdown 77L · 2.6 KB
│ ├─ 📝 tools.md Markdown 34L · 782 B
│ └─ 📝 user-profile-storage.md Markdown 187L · 4.1 KB
└─ 📝 SKILL.md Markdown 116L · 4.3 KB

Security Positives

✓ No executable code - only markdown documentation files
✓ All shell commands are explicitly documented CLI invocations for the @fly-ai/flyai-cli package
✓ npm install uses official npm registry with a versioned package reference
✓ File system access is limited to user's own profile at ~/.flyai/user-profile.md
✓ No credential harvesting, data exfiltration, or obfuscation observed
✓ No base64, eval, or dynamic code execution patterns
✓ No suspicious network patterns or IP addresses