Safety Report

Wiener Linien

Name: Wiener Linien
Rating: 5 (7 reviews)
Author: hjanuschka

Vienna public transport (Wiener Linien) real-time data. Use when asking about departures, schedules, disruptions, elevator status, or directions in Vienna's public transport (U-Bahn, tram, bus, night bus). Queries stops, lines, and traffic info.

1,657Downloads

0Installs

7Stars

1Versions

Workflow Automation3,323 Calendar & Scheduling1,462 Networking & DNS1,102 Maps & Geolocation980

Security Analysis

high confidence

Clean0.04 risk

The skill's code and instructions align with its stated purpose (querying Wiener Linien real-time data); it only makes straightforward requests to wienerlinien.at and does not ask for credentials or perform suspicious actions.

Feb 11, 20266 files1 concern

Purpose & Capabilityok

Name/description match the actual behavior: scripts and SKILL.md call Wiener Linien OGD realtime endpoints to fetch departures, disruptions, elevator info and stop CSVs. No unrelated services, credentials, or unrelated binaries are required by the functionality.

Instruction Scopeok

Runtime instructions and the included shell scripts only perform network requests to wienerlinien.at (monitor, trafficInfoList, newsList, and CSV of stops) and parse results with jq/grep/head. The scripts do not read arbitrary local files, access unrelated env vars, or forward data to third-party endpoints.

Install Mechanismnote

There is no install spec (instruction-only), which is low risk. Minor metadata mismatch: registry lists no required binaries, but README and scripts expect curl and jq (and search-stop.sh uses grep/head). This is an implementation detail to be aware of, not an active risk.

Credentialsok

The skill requests no environment variables, no credentials, and no config paths. All network calls are to the Wiener Linien open-data endpoints, consistent with the described purpose.

Persistence & Privilegeok

always is false and the skill does not attempt to modify agent/system configuration. It is user-invocable and may be invoked autonomously per platform defaults, which is expected for a utility skill.

Guidance

This skill appears coherent and benign: it fetches public Wiener Linien Open Data via HTTPS and parses it locally. Before installing, confirm you are comfortable allowing outbound network requests to wienerlinien.at and that curl and jq are available in the environment (search-stop.sh also uses grep/head). Note the registry lists no homepage and the owner is an ID only — if provenance matters, try to verify the author/source (e.g., a repo or publisher) before use. If you have strict security requirements, run the scripts in a sandboxed environment and inspect them yourself; any deviation such as calls to other domains or requests for credentials would be a red flag.

Latest Release

v1.0.0

Initial release: Vienna public transport real-time data

Popular Skills

self-improving-agent

@pskoett · 1,456 stars

Gog

@steipete · 672 stars

Tavily Web Search

@arun-8687 · 620 stars

Find Skills

@JimLiuxinghai · 529 stars

Proactive Agent

@halthelobster · 426 stars

Summarize

@summarize · 415 stars

Published by @hjanuschka on ClawHub