12306-train-query
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill focuses entirely on the stated purpose of querying train tickets. It provides clear, standard operating procedures (SOP) for navigating the 12306.cn website using well-defined browser actions.
- [DATA_EXFILTRATION]: The skill only interacts with official domains (12306.cn and kyfw.12306.cn). Analysis confirmed no attempts to access sensitive local files, environment variables, or hardcoded credentials. It does not send data to unauthorized third-party servers.
- [PROMPT_INJECTION]: No malicious instructions designed to bypass agent safety filters or override system prompts were detected. The instructional language is functional and directive toward the task of train ticket retrieval.
- [REMOTE_CODE_EXECUTION]: The skill does not download external scripts, install unauthorized packages, or use dangerous execution patterns like `curl | bash`. It utilizes the agent's built-in capabilities for browser automation.
- [OBFUSCATION]: All files were scanned for hidden content, including Base64, zero-width characters, and homoglyphs. No obfuscation techniques were found; all instructions and data are in plain, human-readable text.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests data from external web pages (train search results), it is evaluated as a low-risk surface. The skill uses standard content extraction actions (`readability`) and does not have the high-privilege capabilities (like file writing or shell access) necessary to turn ingested data into a significant threat.
Audit Metadata