Skill v1.0.0

ClawScan security

Metra Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 22, 2026, 4:59 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill appears to implement a legitimate Metra GTFS integration, but the package metadata and runtime instructions disagree about the required binaries and environment variables, and there are a few small inconsistencies you should verify before installing.
Guidance
What to check before installing:
- Confirm the METRA_API_KEY requirement: SKILL.md and the code require METRA_API_KEY, but the registry metadata omitted it. Don't install if the platform would grant broader secrets than this.
- Verify the external endpoints: the script uses gtfspublic.metrarr.com (GTFS-RT) and schedules.metrarail.com (static). Confirm those hosts are legitimate (they look related to Metra but double-check the GTFS-RT hostname). If unsure, open the repository link and inspect the endpoints yourself.
- Expect to run `npm install` in the skill folder (installs protobufjs from npm). Run this in a controlled environment if you audit dependencies first.
- The skill will create ~/.metra/gtfs/ and read GTFS CSV files; if you prefer no persistent files, don't install or run refresh-gtfs.
- The script reads a local .env file in the skill directory; avoid storing long-lived credentials in places you don't control, or use an agent-managed secret store instead.
- If you want higher assurance, review the full scripts/metra.mjs contents (it uses child_process.execFileSync for local unzip operations) and test the skill in a sandboxed environment first.
If you want, I can point out exact lines in scripts/metra.mjs that reference the endpoints, .env loading, unzip/exec usage, and the GTFS cache location.

Review Dimensions

Purpose & Capability
note: The code, README, and SKILL.md all describe a GTFS-RT + GTFS static integration and require Node.js, unzip, and an API key (METRA_API_KEY). That aligns with the skill's stated purpose. However, the registry metadata provided to the platform lists no required binaries and no required env vars, an inconsistency that could mislead install-time checks.
Instruction Scope
ok: SKILL.md and the included script keep operations within the expected scope: call Metra GTFS-RT endpoints (Bearer token auth), download/extract GTFS static into ~/.metra/gtfs/, and read that cache. The script also loads a local .env file (from the skill directory) into process.env, which is expected but worth noting because users may store their API key there.
Install Mechanism
ok: There is no arbitrary remote binary download: dependencies are standard npm packages (protobufjs) and the SKILL.md asks the user to run `npm install`. This is a common, moderate-risk install mechanism (trusted registry). The package-lock shows protobufjs from the npm registry. No unusual third-party URLs or archive extraction beyond the GTFS static zip from Metra's schedule site.
Credentials
concern: The runtime code requires a single API key (METRA_API_KEY), which is proportionate to retrieving protected GTFS-RT feeds. However, the registry metadata omits this requirement entirely, which is inconsistent and could cause the platform to present incorrect permission prompts. The script also loads a local .env file and will cache static data under the user's home directory.
Persistence & Privilege
ok: The skill does not request global 'always' presence. It will write/read a local cache directory (~/.metra/gtfs/) and may store a key in a local .env in the skill folder per the instructions. Those are normal for a data-integration skill, but you should expect persistent files on disk.