mcp-server-12306
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or safety bypass attempts were detected. The skill's stated purpose of providing train information matches its described functionality.- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the server via standard package managers (uvx, pipx) or by cloning a GitHub repository (github.com/drfccv/mcp-server-12306.git). These are standard practices for MCP server setup and do not involve untrusted remote code execution.- [DATA_EXFILTRATION]: The server queries public 12306 APIs for railway information. There is no evidence of sensitive local file access or unauthorized data exfiltration.- [PROMPT_INJECTION]: The instructions do not contain commands to override agent behavior, bypass safety filters, or extract system prompts.
Audit Metadata