pp-infotbm

Provides Bordeaux transit schedules and real-time arrivals, enhancing travel planning and commute automation for users in the Bordeaux Métropole.

Install this skill

80/100

Security score

The pp-infotbm skill was audited on Jun 14, 2026 and we found 4 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 293

Webhook reference - potential data exfiltration

SourceSKILL.md

293	\| `webhook:<url>` \| POST the output body to the URL (`application/json` or `application/x-ndjson` when `--compact`) \|

medium line 295

Webhook reference - potential data exfiltration

SourceSKILL.md

295	Unknown schemes are refused with a structured error naming the supported set. Webhook failures return non-zero and log the URL + HTTP status on stderr.

medium line 239

Access to hidden dotfiles in home directory

SourceSKILL.md

239	Or persist it in `~/.config/infotbm-pp-cli/config.json`.

medium line 281

Access to hidden dotfiles in home directory

SourceSKILL.md

281	Entries are stored locally at `~/.local/share/infotbm-pp-cli/feedback.jsonl`. They are never POSTed unless `INFOTBM_FEEDBACK_ENDPOINT` is set AND either `--send` is passed or `INFOTBM_FEEDBACK_AUTO_SE

Scanned on Jun 14, 2026

View Security Dashboard

Installation guide →

GitHub Stars 1.5K

Rate this skill

Categorysupport

UpdatedJune 24, 2026

openclaw api customer-experience growth-marketer product-manager 🇫🇷 FR support marketing product

mvanhorn/printing-press-library