Skill v1.0.0
ClawScan security
NYC MTA Transit · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 22, 2026, 12:02 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, runtime instructions, and requested environment access are consistent with a NYC MTA transit helper; nothing appears to be asking for unrelated secrets or capabilities.
- Guidance: This skill appears to do exactly what it says: read MTA GTFS-RT feeds for subway/alerts and call the MTA BusTime API when you provide MTA_BUS_API_KEY. Before installing, consider:
  1. Inspect scripts/mta.mjs yourself (it is included) or run it in a sandbox. The code will create ~/.mta/gtfs/ and may download GTFS static data over HTTP (potential MITM risk); if that matters, run refresh-gtfs behind a network you trust.
  2. Do not store unrelated secrets in the skill directory's .env (the skill will source a .env there).
  3. npm install will pull protobufjs from the public npm registry; if your org requires vetting of packages, review that dependency.
  If these points are acceptable, the skill is coherent and appropriate for use.
Review Dimensions
- Purpose & Capability (ok): Name/description (MTA subway/bus/alerts) matches the files and runtime needs: Node runtime, protobuf decoding, GTFS real-time feeds, and an optional MTA bus API key for bus endpoints. The declared required binary (node) and required env var (MTA_BUS_API_KEY) are appropriate for the described features.
- Instruction Scope (note): SKILL.md and the scripts instruct the agent to fetch GTFS-RT feeds, call the BusTime SIRI API (when MTA_BUS_API_KEY is present), and maintain a local GTFS cache under ~/.mta/gtfs/. The skill also loads a .env file from the skill directory if present. These behaviors are expected, but worth noting: the GTFS static download uses an HTTP URL (the code documents this as intentional), and the script imports execFileSync; review how execFileSync is used (the project claims safe usage in CLAUDE.md).
- Install Mechanism (note): The skill requires npm install to fetch protobufjs from the public npm registry (package.json and package-lock.json are present). This is a standard dependency installation; there are no opaque remote binary downloads or URL shorteners. Note: SKILL.md includes an npm install shell command, while the registry metadata indicated 'No install spec'; this is a minor metadata inconsistency but not a security red flag by itself.
- Credentials (ok): Only one optional credential is requested: MTA_BUS_API_KEY, which is needed solely for bus/SIRI functionality. No unrelated secrets or multiple unrelated credentials are requested. The script will also load a .env file from the skill directory if present; avoid placing unrelated secrets there.
- Persistence & Privilege (note): The skill writes persistent data to ~/.mta/gtfs/ (local GTFS static cache) and reads that cache later; this is consistent with offline/static GTFS usage. It is declared with always:false (not force-installed) and doesn't request elevated or cross-skill configuration changes. If you prefer, run the skill in a sandbox or restrict file permissions on the created directory.
