Skill v1.0.2
ClawScan security
高德SKILL 美食雷达 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 15, 2026, 11:57 AM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requirements and instructions are coherent with its stated purpose: it needs a single AMAP_API_KEY and integration with the AMap MCP server to perform nearby POI searches; nothing requested appears unrelated to providing restaurant recommendations.
- Guidance: This skill appears to do what it says: it needs your AMap API key and the @amap/mcp-server MCP integration to search POIs. Before installing/configuring: 1) Verify the AMAP API key only has the permissions you expect and store it securely in your assistant's config; be prepared to rotate it if exposed. 2) Inspect the @amap/mcp-server npm package (version, publisher, repository) before allowing npx to fetch/run it, since npx will download and execute remote code. 3) Consider running the MCP server in a restricted environment (container) if you are cautious about third-party code. 4) Review AMap's privacy/docs so you understand what location data will be sent to AMap when the skill requests nearby POIs.
Review Dimensions
- Purpose & Capability (ok): Name/description (AMAP-based nearby food recommendations) match the declared requirement (AMAP_API_KEY) and the SKILL.md which describes calling AMap MCP endpoints (maps_around_search, maps_search_detail). No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope (ok): Runtime instructions are constrained to parsing user preferences, requesting location when needed, and calling AMap search/detail tools. The SKILL.md does not instruct the agent to read arbitrary system files, other credentials, or to exfiltrate data to third-party endpoints. It does instruct the user to add their API key into the assistant's MCP config—reasonable for this integration.
- Install Mechanism (note): The package has no install spec in the registry (instruction-only). However, SKILL.md directs using `npx -y @amap/mcp-server` in the assistant's MCP config. That implies runtime download/execution of the @amap/mcp-server npm package when the MCP server is started. This is expected for an MCP integration but does carry the usual risk of executing code fetched from npm at runtime; verify the npm package and its integrity before trusting it.
- Credentials (ok): Only one environment variable (AMAP_API_KEY) is required and declared as the primary credential — appropriate and proportionate for calling AMap APIs. The SKILL.md does not reference other env vars or secrets. Note: the API key will be placed in the assistant's MCP config file, so protect that config and rotate the key if it is exposed.
- Persistence & Privilege (ok): The skill is not always-enabled and is user-invocable; autonomous invocation is allowed (platform default). It does not request system-wide config changes or other skills' credentials. No elevated persistence is requested.
