ClawHub
Back to skill
v1.0.0

Trein extended

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:19 AM.

Analysis

This is a coherent Dutch train-information skill that installs and uses the trein CLI with an NS API key, with only normal install, credential, and local-storage cautions.

GuidanceBefore installing, confirm you trust the trein npm package or GitHub release, set the NS_API_KEY securely, and be aware that route queries go through the NS service while any configured aliases or local config may remain on your machine.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceHighStatusNote
SKILL.md
npm i -g trein ... "url":"https://github.com/joelkuijper/trein/releases/latest/download/trein-linux-x64"

The skill installs an external CLI package or downloads latest-release binaries without a pinned version or checksum in the artifact.

User impactInstalling the skill depends on trusting the upstream npm package or GitHub release for the trein executable.
RecommendationInstall only from the expected upstream source, review the package or release if possible, and prefer pinned versions or checksums where available.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
SKILL.md
requires":{"bins":["trein"],"env":["NS_API_KEY"]} ... export NS_API_KEY="your-api-key"

The skill requires an NS API key, which is appropriate for accessing the Dutch Railways API but is still a credential.

User impactThe CLI can make NS API requests using the user's key, which may affect API quota or expose the key if stored insecurely.
RecommendationUse a dedicated NS API key, keep it out of shared logs and screenshots, and rotate it if it may have been exposed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
SeverityLowConfidenceMediumStatusNote
SKILL.md
Or create `~/.config/trein/trein.config.json`: { "apiKey": "your-api-key" } ... trein alias set home "Amsterdam Centraal"

The skill documents persistent local configuration and station aliases, which can store a credential and personal travel-related locations.

User impactOn a shared or poorly protected machine, local config or aliases could reveal an API key or personal station patterns such as home and work.
RecommendationStore the config file with appropriate file permissions and only create aliases that you are comfortable persisting locally.