12306 Train Assistant
v0.1.712306 查询与订票辅助技能,支持余票查询、经停站查询、中转换乘、候补查询与提交/取消、登录状态检查、密码登录与二维码登录、下单与支付链接获取;当用户提到火车票、高铁票、经停站、中转、候补或 12306 查票时触发。
⭐ 5· 703·5 current·6 all-time
by@myxtype
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (12306 查询与订票) align with the included client.py: the script targets kyfw.12306.cn, implements login, ticket queries, transfer/booking, QR login and candidate (候补) operations. No unrelated services, env vars, or binaries are requested.
Instruction Scope
SKILL.md instructs the agent to invoke the bundled client.py for all operations (queries, login, booking, payment info). This includes background QR login checks and storing/retrieving login state and cookies in the repository's cache directory—expected for this functionality but worth noting because credentials and session tokens are handled and persisted locally.
Install Mechanism
No install spec; this is an instruction-only skill that ships client.py. No remote downloads or package installs are requested, minimizing supply-chain risk. Code executes locally when the agent runs the script.
Credentials
The skill declares no environment variables but does perform login flows that require user credentials (username/password, SMS/ID last4, QR). That is proportionate to booking functionality. The code also contains a hard-coded SM4 key used to encrypt passwords before sending—this is consistent with client-side encryption for 12306 but you may want to review the implementation if you have concerns about how credentials are handled.
Persistence & Privilege
always is false and the skill doesn't request elevated system privileges. The client will create and update local cache files (cookies, qr login state, station index) under a cache directory next to the script—persistent storage of session tokens is normal here but users should be aware these files contain auth state and may persist across runs.
Assessment
This skill appears to be what it claims: a 12306 ticket helper that runs the included client.py locally. Before installing/using it: (1) Inspect client.py for any network endpoints beyond kyfw.12306.cn (ensure no unexpected external domains). (2) Understand that you will provide 12306 credentials for login/book actions; session cookies and QR/login state are stored in a cache directory next to the script—treat those files as sensitive. (3) Run the script in a trusted environment (do not run as root) and back up/delete cache files if you want to remove persisted session state. (4) If you need higher assurance, request a full code review of the complete client.py to validate there is no hidden exfiltration or calls to third-party servers. I have medium confidence because I reviewed the SKILL.md and the visible portions of client.py (networking to kyfw.12306.cn, SM4 routines, local cache files) but did not execute a full automated trace of every network call in the entire source file.Like a lobster shell, security has layers — review code before you run it.
latestvk977hrn16ayz2s866ezsch78rx82w9z3
License
MIT-0
Free to use, modify, and redistribute. No attribution required.