Rail Ticket Helper

Review

Audited by ClawScan on May 10, 2026.

Overview

The skill's behavior matches its train-booking purpose, but it can send personal ID details and create or cancel real Fenbeitong train orders using hardcoded account identifiers, without a clear approval or credential boundary.

Review before installing. Use it only if you trust the Fenbeitong integration and understand that booking may transmit name, ID card number, and phone number and may create or cancel real train orders. Ask the maintainer to add explicit confirmation prompts and a clear scoped authentication model.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A seat choice and passenger details could lead to a real ticket order being created, exposing identity information and creating a pending business/financial transaction.

Why it was flagged

The skill instructs the agent to collect sensitive passenger details and call the order-creation API after seat selection, but it does not state that the agent must show a final summary and obtain explicit confirmation before creating the order.

Skill content
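Create the order after the user selects a seat type
   - Collect passenger information: name, ID card number, phone number
   - Call the create-order API, which returns the order ID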
Recommendation

Require an explicit final confirmation showing train, date, seat type, passenger, price, and provider before calling the create-order API; similarly confirm before cancellation.

What this means

Orders may be created or cancelled under a fixed Fenbeitong application/account context rather than a clearly authenticated user-controlled account.

Why it was flagged

The code embeds Fenbeitong application/account identifiers while the registry declares no user credential requirement, making it unclear whose authority is used for booking and cancellation operations.

Skill content
X_APP_ID = "688c927d2cf90c6f0595571d"
EMP_ID = "69b905e0e8b2fa511a087188"
HEADERS = {
    "X-App-Id": X_APP_ID,
    "Content-Type": "application/json"
}
Recommendation

Declare and use a proper scoped credential or OAuth/session mechanism, explain whose Fenbeitong account is used, and avoid hardcoded account identifiers for privileged order operations.

What this means

Installing and using the skill may transmit sensitive identity and contact details to Fenbeitong during booking.

Why it was flagged

The booking request sends passenger name, ID card number, and phone number to the Fenbeitong API. This is expected for ticket booking, but it is sensitive personal data.

Skill content
"passenger_info": {
    "name": passenger_name,
    "idcard": passenger_idcard,
    "phone": passenger_phone
},
"contact_info": {
    "name": contact_name,
    "phone": contact_phone
}
Recommendation

Only provide passenger identity details when you intend to book. The skill should clearly disclose the data destination and ask for confirmation before transmission.