NS Trains
Security checks across malware telemetry and agentic risk
Overview
This skill is a straightforward Dutch train schedule helper that uses an NS API key only to request train information from the official NS API.
Install only if you are comfortable sending station and route queries to the NS API. Keep NS_SUBSCRIPTION_KEY out of committed files, prefer a runtime secret mechanism, and only set NS_HOME_STATION or NS_WORK_STATION if storing those commute locations in environment variables is acceptable.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
58/58 vendors flagged this skill as clean.