12306 Train Query
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: 12306 Version: 1.0.2 The skill bundle is a functional tool for querying China Railway 12306 train schedules and ticket availability. The code in `query.mjs` and `stations.mjs` interacts exclusively with official 12306 API endpoints (kyfw.12306.cn and www.12306.cn) and uses standard Node.js built-in modules for file I/O and network requests. There is no evidence of data exfiltration, malicious command execution, or prompt injection attempts in the documentation or scripts.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may create or overwrite a local output file if directed to a path the process can write.
The skill can create local HTML output files and allows a user-selected output path. This is expected for the documented reporting feature, but it is still local file-writing authority.
HTML mode (default): writes file, prints path to stdout ... `-o, --output <path>`: Output file path, html mode only
Use the default output location or a temporary directory, and avoid asking it to write to important system or personal files.
It is harder to verify who maintains the skill or compare the installed artifact against an upstream project.
The registry metadata does not provide a clear upstream source or homepage, which limits independent provenance verification even though the visible code is coherent.
Source: unknown; Homepage: none
Install only if you trust the registry publisher, and re-check the skill contents on future updates.
Cached station data can affect later lookups until it expires or is refreshed, but it does not appear to contain personal user data.
The skill persists downloaded station metadata for seven days and reuses it for station-name resolution.
const CACHE_FILE = join(__dirname, '..', 'data', 'stations.json'); const CACHE_TTL = 7 * 24 * 3600 * 1000;
Delete the cache or force a refresh if station results look stale or incorrect.