qianjunye

marriott

by qianjunye · GitHub ↗ · v1.0.0
cross-platform ⚠ suspicious
Downloads: 397 · Stars: 0 · Active Installs: 0 · Versions: 1
Install in OpenClaw
/install marriott
Description
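Search and book Marriott Bonvoy hotels (marriott.com.cn). Invoked when the user mentions hotel search, Marriott booking, finding a place to stay, and similar needs.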
Usage Guidance
This skill appears to do what it claims (automated search and booking on marriott.com.cn) but takes actions that expose broad browser session data. Key risks:
  1. It connects to your Chrome via remote debugging (CDP), which can see open pages and cookies across that browser profile.
  2. It dumps all cookies from the connected context into cookies.json in the skill folder; these may include session tokens for other sites.
  3. The README suggests copying your Default Chrome Cookies file, which exposes sensitive data.

Before installing/using:
  - Do not use your primary/default Chrome profile; create and use a dedicated profile containing only the Marriott login.
  - Avoid copying the entire Cookies file from your default profile; prefer signing in manually in the dedicated profile.
  - Inspect cookies.json before sharing it and delete cookies.json (and any saved Cookies file copies) after use.
  - Do not put your raw password in .env; the scripts do not use it.
  - If you are uncomfortable exposing other browser sessions, consider performing the booking manually on the Marriott site instead of granting CDP access.

If you want higher assurance, ask the author to: limit cookies collected to marriott.com only (pass domain to context.cookies), remove instructions that copy Default Cookies, and eliminate .env fields that request passwords.
Capability Analysis
Type: OpenClaw Skill
Name: marriott
Version: 1.0.0

The skill is suspicious due to a critical shell injection vulnerability identified in `SKILL.md`. User-provided `$ARGUMENTS` are directly passed to `bash` commands (e.g., `node "$HOME/.claude/skills/marriott/skill-search.js" $ARGUMENTS`), which could allow an attacker to execute arbitrary commands on the host machine if the OpenClaw agent does not perform robust input sanitization. While the core functionality of automating Marriott bookings via Playwright appears legitimate, this vulnerability poses a significant risk of unauthorized command execution.
Capability Assessment
Purpose & Capability
The code and SKILL.md match the stated purpose (search → select → rooms → book on marriott.com.cn), using Playwright + a Chrome instance to bypass Akamai. Requiring a logged-in browser session and remote debugging is explainable for this site. However the skill reads/writes full browser cookies (ctx.cookies()) and suggests copying the Chrome Default Cookies file, which is broader than strictly necessary to access only Marriott credentials.
Instruction Scope
Runtime instructions and scripts instruct the user to start Chrome with remote debugging and to copy a Cookies file from the default profile; the scripts call chromium.connectOverCDP to attach to the running Chrome and then dump all context cookies to cookies.json. That gives the skill access to all cookies and pages in that browser context (not only Marriott) and instructs users to copy sensitive profile files — both exceed the narrow scope of 'search and book Marriott'.
Install Mechanism
There is no platform install spec in the registry (instruction-only), but the included setup.sh runs npm install and npx playwright install chromium. Installing Playwright and a local Chromium binary is standard for browser automation but does download / extract large native artifacts; this is expected for the stated functionality.
Credentials
The repository ships a .env file with MARRIOTT_EMAIL and MARRIOTT_PASSWORD variables, but the runtime code does not use those credentials (it relies on browser cookies). This could encourage users to store credentials unnecessarily, and it indicates a mismatch. More seriously, the skill writes full cookies.json from the connected browser context (ctx.cookies()) into the skill folder; this may contain cookies for many sites and effectively exposes session tokens beyond Marriott.
Persistence & Privilege
The skill is not always-enabled and does not request elevated system configuration. It does, however, require and create local artifacts (cookies.json, selection.json, rooms-results.json, confirmation.json) in the skill directory. Connecting to Chrome via CDP grants the skill programmatic access to the running browser and its sessions during execution, which increases its blast radius compared with a purely API-based integration.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install marriott
  3. After installation, invoke the skill by name or use /marriott
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
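Marriott 1.0.0
  - Added the Marriott Bonvoy hotel search and booking flow: supports quick queries by destination, dates, number of guests and other parameters.
  - Guides the user step by step through hotel filtering, room type selection, rate confirmation and online booking.
  - Documents exception handling (such as Akamai blocking, login pop-ups, no room types available) to improve stability.
  - Adapts to both Chinese and English interfaces and automatically highlights the room type and rate combinations that match the user's preferences, improving the booking experience.
  - Supports switching between Mac and Linux environments so that the booking command flow runs smoothly.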
Metadata
Slug marriott
Version 1.0.0
License
All-time Installs 1
Active Installs 0
Total Versions 1
Frequently Asked Questions

What is marriott?

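Search and book Marriott Bonvoy hotels (marriott.com.cn). Invoked when the user mentions hotel search, Marriott booking, finding a place to stay, and similar needs. It is an AI Agent Skill for Claude Code / OpenClaw, with 397 downloads so far.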

How do I install marriott?

Run "/install marriott" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is marriott free?

Yes, marriott is completely free (open-source). You can download, install and use it at no cost.

Which platforms does marriott support?

marriott is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created marriott?

It is built and maintained by qianjunye (@qianjunye); the current version is v1.0.0.
