Skill v1.0.2

ClawScan security

12306 Old · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Reviewed: Apr 7, 2026, 7:28 AM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The code appears to implement a 12306 ticket automation client, but the skill metadata and SKILL.md omit required environment variables and install/runtime dependencies and the documentation is incomplete, creating coherence and deployment concerns.
Guidance
This package contains Python code that automates a browser (Playwright/Chromium) to log into 12306 and save cookies to a local file. Before installing or running:
- Confirm the skill author supplies an install spec (requirements and Playwright/Chromium setup) and a .env.example explaining the required env vars.
- Treat RAILWAY_12306_USERNAME and RAILWAY_12306_PASSWORD as sensitive: do not put real credentials in an environment you don't control. The code also writes session cookies to 12306_cookies.json in the working directory; inspect or protect that file, since a saved session cookie is a reusable login and deserves the same handling as the password.
- Run the code in a sandboxed environment (VM/container) if you must test it, and review the source for any network calls beyond https://www.12306.cn.
- If the author updates the manifest to declare the required env vars and provides clear install and runtime docs, the coherence concerns would be resolved; until then, avoid trusting this skill with real credentials.

Review Dimensions

Purpose & Capability
Status: concern
Name/description match the code: the package implements a 12306 browser-automation client (login, ticket search). However, registry metadata and SKILL.md claim no required env vars or binaries while the code reads RAILWAY_12306_USERNAME/RAILWAY_12306_PASSWORD and depends on Playwright/Chromium, an inconsistency between stated requirements and actual capabilities.
Instruction Scope
Status: concern
SKILL.md is auto-generated and sparse (no usage examples, and it references a .env.example that isn't present). The runtime code reads/writes a local cookie file (12306_cookies.json) and launches a Chromium browser via Playwright to visit https://www.12306.cn. The instructions do not document these behaviors or where persistent data is stored.
Install Mechanism
Status: concern
There is no install spec, but the code requires the Python Playwright package and a Chromium runtime; the skill will fail unless these are present. The missing install instructions are an operational and supply-chain omission (not evidence of maliciousness, but risky and incoherent with the declared requirements).
Credentials
Status: concern
The code expects the RAILWAY_12306_USERNAME and RAILWAY_12306_PASSWORD environment variables (used for login), but the manifest lists no required env vars. Requesting those credentials would be proportionate for a login client, but the omission from metadata and the lack of guidance on secure handling and persistence (the cookie file is saved locally) are red flags.
Persistence & Privilege
Status: ok
The skill does not set always:true, does not modify other skills, and only writes a local cookie file (12306_cookies.json) in its working directory. It will autonomously launch a browser when invoked, which is expected for browser automation.
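The coherence check this review performs by hand (env vars read vs. declared, third-party imports vs. install spec, hosts contacted vs. the one expected site, files persisted) can be scripted. The block below is an added example written for this page, not ClawScan's scanner or the skill author's code. The skill source it inspects is a constructed stand-in that reproduces the behaviours described above, not the real 12306 Old code, and the manifest field names `env` and `requirements` are assumptions rather than ClawHub's schema. It needs Python 3.9+ for `ast.unparse`.

```python
"""Static coherence check for a skill package: compare what the code actually
does (env vars read, files written, URLs contacted, packages imported) with
what its manifest declares.  Added example, not ClawScan's or the skill
author's code.  Requires Python 3.9+ (ast.unparse, plain Subscript slices)."""
import ast
import sys
from urllib.parse import urlparse

# Constructed stand-in for the skill's source, NOT the real 12306 Old code.
# It reproduces the behaviours the review describes: undeclared env vars,
# a Playwright/Chromium dependency, one site contacted, a cookie file written.
SAMPLE_SOURCE = '''
import os, json
from playwright.sync_api import sync_playwright

LOGIN_URL = "https://www.12306.cn/"
COOKIE_FILE = "12306_cookies.json"

def login():
    user = os.environ["RAILWAY_12306_USERNAME"]
    pw = os.getenv("RAILWAY_12306_PASSWORD")
    with sync_playwright() as p:
        page = p.chromium.launch().new_page()
        page.goto(LOGIN_URL)
        cookies = page.context.cookies()
    with open(COOKIE_FILE, "w") as f:
        json.dump(cookies, f)
'''

# Constructed manifest mirroring the review's finding: nothing declared.
# The keys "env" and "requirements" are assumed names, not ClawHub's schema.
SAMPLE_MANIFEST = {"name": "12306 Old", "version": "1.0.2", "env": [], "requirements": []}

# The only host the guidance expects this skill to contact.
ALLOWED_HOSTS = {"www.12306.cn"}

# sys.stdlib_module_names exists from 3.10; the fallback covers this sample.
STDLIB = getattr(sys, "stdlib_module_names", None) or {"os", "sys", "json", "re", "time", "pathlib", "urllib"}


def _str(node):
    """String value of a constant node, else None."""
    return node.value if isinstance(node, ast.Constant) and isinstance(node.value, str) else None


def _literal(node, consts):
    """Like _str, but also resolves a Name bound to a module-level string constant."""
    return consts.get(node.id) if isinstance(node, ast.Name) else _str(node)


def extract_behaviour(source):
    """Walk the AST once and collect env reads, written files, URLs and imports."""
    tree = ast.parse(source)
    # Module-level `NAME = "literal"` bindings, so open(COOKIE_FILE, "w") resolves.
    consts = {t.id: n.value.value for n in tree.body if isinstance(n, ast.Assign)
              for t in n.targets if isinstance(t, ast.Name) and _str(n.value)}
    env, urls, writes, imports = set(), set(), set(), set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Subscript) and isinstance(node.value, ast.Attribute) \
                and node.value.attr == "environ" and _str(node.slice):
            env.add(_str(node.slice))                       # os.environ["X"]
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute) \
                and node.func.attr in ("getenv", "get") and node.args and _str(node.args[0]) \
                and ast.unparse(node.func.value) in ("os", "os.environ"):
            env.add(_str(node.args[0]))                     # os.getenv("X") / os.environ.get("X")
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Name) and node.func.id == "open":
            path = _literal(node.args[0], consts) if node.args else None
            mode = next((_str(k.value) for k in node.keywords if k.arg == "mode"), None) \
                or (_literal(node.args[1], consts) if len(node.args) > 1 else "r")
            if path and mode and set(mode) & set("wax+"):
                writes.add(path)                            # open(path, "w") persists data
        elif isinstance(node, ast.Constant) and (_str(node) or "").startswith(("http://", "https://")):
            urls.add(node.value)                            # string literals that are URLs
        elif isinstance(node, ast.Import):
            imports.update(a.name.split(".")[0] for a in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module:
            imports.add(node.module.split(".")[0])
    return {"env": env, "urls": urls, "writes": writes, "imports": imports}


def check_coherence(source, manifest):
    """Diff observed behaviour against the manifest and return findings plus a verdict."""
    seen = extract_behaviour(source)
    report = {
        "undeclared_env": seen["env"] - set(manifest.get("env", [])),
        "undeclared_deps": (seen["imports"] - STDLIB) - set(manifest.get("requirements", [])),
        "external_urls": {u for u in seen["urls"] if urlparse(u).hostname not in ALLOWED_HOSTS},
        # Persisted files do not drive the verdict, but must be documented and protected.
        "persisted_files": seen["writes"],
    }
    drivers = ("undeclared_env", "undeclared_deps", "external_urls")
    report["verdict"] = "concern" if any(report[k] for k in drivers) else "ok"
    return report


if __name__ == "__main__":
    for key, value in check_coherence(SAMPLE_SOURCE, SAMPLE_MANIFEST).items():
        print(f"{key}: {sorted(value) if isinstance(value, set) else value}")
```

This is a static pass: it only sees URLs and file names that appear as string literals (or module-level constants), so a URL built at runtime or a path read from config will be missed, which is exactly why the guidance also asks for a sandboxed run. Running it against the constructed sample reproduces the review: both RAILWAY_12306_* variables and the playwright package are undeclared, no host other than www.12306.cn is contacted, and 12306_cookies.json is persisted; declaring the env vars and the requirement in the manifest flips the verdict to ok.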