flyai
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the '@fly-ai/flyai-cli' npm package. This package is managed by the vendor 'alibaba-flyai' and is required for the skill to communicate with the FlyAI and Fliggy travel platforms.
- [COMMAND_EXECUTION]: The agent executes the 'flyai' CLI tool to process travel queries and uses the system 'date' command to retrieve temporal context for searches.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests and displays travel information retrieved from external API services. Evidence Chain: 1. Ingestion points: The agent processes search results returned by the 'flyai-cli'. 2. Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within the search results. 3. Capability inventory: The skill has access to command execution and network operations through the CLI tool. 4. Sanitization: There is no mention of sanitizing or validating the API output before rendering it to the user.
Audit Metadata