Skill v1.0.1
ClawScan security
Linz Public Transport · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 13, 2026, 10:21 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This skill's code, instructions, and requirements are consistent with its stated purpose of querying Linz Linien EFA endpoints; it requests no credentials, installs nothing, and only performs outbound API calls to the transit endpoints.
- Guidance: This skill appears to be what it says: a small CLI that queries public Linz EFA endpoints and returns parsed results. It does not request secrets or install software. Things to consider before installing: (1) the default base URL is plain HTTP (http://www.linzag.at/linz2) — if you prefer encrypted traffic, set LINZ_TRANSPORT_API_BASE_URL to an HTTPS endpoint; (2) the skill will make outbound network requests to the transit server (ensure your environment policy allows that); (3) SKILL.md references the optional LINZ_TRANSPORT_API_BASE_URL env var but the registry metadata omitted it — this is just a metadata inconsistency, not malicious; and (4) because the agent may invoke skills autonomously (platform default), installing this skill allows the agent to make network calls to the public endpoint when relevant. If those points are acceptable, the skill is coherent and reasonable to install.
Review Dimensions
- Purpose & Capability: ok. The name/description promise (stop lookup and departures via Linz EFA) matches the included Python CLI, the referenced EFA endpoints, and the README reference material. The script only constructs EFA requests and parses responses — nothing in the package asks for unrelated services or credentials.
- Instruction Scope: ok. SKILL.md instructs the agent to run the included script, resolve a base URL (user-provided, env var, or default), and return compact summaries. The runtime steps and error handling are limited to network calls to the declared EFA endpoints and parsing their JSON payloads. There are no instructions to read unrelated files, harvest env vars, or send data to other endpoints.
- Install Mechanism: ok. No install spec is present (instruction-only with an included script). Nothing is downloaded or extracted at install time, so there is no installer-related code-execution risk.
- Credentials: note. The skill does not require credentials or config paths. SKILL.md documents an optional LINZ_TRANSPORT_API_BASE_URL env var as an override; the registry metadata did not list required env vars, which is a minor metadata mismatch but not a security issue. No secrets are requested.
- Persistence & Privilege: ok. The skill is not forced-always; it is user-invocable and may be invoked autonomously by the agent (the platform default). The skill does not modify other skills or system settings.
