接送站助手

What to consider before installing: - The SKILL.md claims the skill MUST call real car‑service platform APIs and forbids fabricating prices or vehicles, but the included code simulates drivers and prices locally and contains no network calls, API endpoints, or credential handling. Ask the author to explain how real bookings are performed and to provide the actual integration code and required auth details. - The SKILL.md triggered a 'unicode control characters' scan hit; these characters can be used to hide or manipulate prompts. Inspect the SKILL.md file in a text editor that shows hidden characters and remove any suspicious control codes before use. - Running the included Python modules will execute local code that fabricates orders and uses random values; do not rely on this for actual bookings or billing. If you need production booking, require the skill to accept explicit API endpoints and API keys and show secure handling of those credentials. - Because there is no external install, the immediate risk is limited to whatever the Python code does locally. Still, review the full code for any unintended behaviors (networking, logging of sensitive data) before running in any environment that has production data. - If you are not the maintainer, treat this skill as a simulator/sample until the integration inconsistencies and hidden-character issue are resolved. If you want, request the author to: (1) remove hidden control characters, (2) provide documented external API endpoints and required env vars, and (3) include secure credential handling and network-call code if real bookings are intended.