v1.0.0

UK Trains

Benign: ClawScan verdict for this skill. Analyzed May 1, 2026, 4:54 AM.

Analysis

This skill coherently queries UK rail timetable APIs; the main thing to notice is that it needs a National Rail API token, which the registry metadata does not fully declare.

Guidance: This skill appears safe for its stated purpose. Before installing, be aware that it needs a National Rail API token despite the registry metadata saying no credential is required. Prefer a dedicated token, avoid untrusted Huxley2 endpoint overrides, and revoke the token if you believe it was exposed.

Findings (2)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: High | Status: Note
metadata
Required binaries (all must exist): none
Required env vars: none
Env var declarations: none
Primary credential: none
Install specifications: No install spec — this is an instruction-only skill.

The registry metadata does not advertise the API token and helper prerequisites that are described in SKILL.md and used by the scripts. Because the token is purpose-aligned and disclosed in the skill instructions, this is a declaration gap rather than hidden behavior.

User impact: The registry summary may make the skill look like it has no credential or runtime requirements, even though setup requires a National Rail token and some helpers rely on local CLI tools.
Recommendation: Review the SKILL.md setup before use and ensure the required token and local tools are intentionally provided.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
scripts/trains.sh
HUXLEY_BASE="${HUXLEY_URL:-https://huxley2.azurewebsites.net}"
TOKEN="${NATIONAL_RAIL_TOKEN:-}"
...
url="${url}?accessToken=${TOKEN}"

The shell helper uses the National Rail token and appends it to requests sent to the configured Huxley2 endpoint. This is expected for the rail-data integration, but it is still credential handling that users should notice.

User impact: If you use the Bash helper, your National Rail token is sent to the default Huxley2 service or to whatever endpoint you configure with HUXLEY_URL.
Recommendation: Use a dedicated, revocable National Rail token; keep it in a private environment variable; and do not set HUXLEY_URL to an endpoint you do not trust.