Google Maps

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate maps skill, but it ships a fallback access key and sends precise location data to external services without enough user-facing disclosure.

Review before installing. Use this only if you are comfortable with addresses, coordinates, routes, and place searches being sent through OneKey Gateway to mapping providers. Prefer a version that removes the bundled fallback key, requires your own scoped credential, and clearly documents privacy handling for location data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Context-Inappropriate Capability

Severity: Low
Confidence: 97%
Finding
The code falls back to a hardcoded router access credential when the environment variable is absent. Embedded default secrets are dangerous because they can be extracted from source control or distributed artifacts and reused by unauthorized parties to access the upstream gateway, incur costs, or abuse associated privileges.

Context-Inappropriate Capability

Severity: Medium
Confidence: 96%
Finding
The code embeds a hardcoded fallback router access key that is used when the environment variable is absent, placing credential-like behavior directly in source code. Even if intended for testing, this can enable unauthorized use of the external gateway, make the key trivially recoverable from the skill package, and encourage insecure deployment practices in a tool that forwards user requests to a third-party service.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding
The skill explicitly sends user-supplied addresses, coordinates, place queries, and routing requests to Google Maps APIs via the OneKey Gateway, but it does not clearly warn users that potentially sensitive location data will be transmitted to third parties. In a mapping skill, this data flow is expected, but the lack of a privacy notice or consent language can still expose sensitive travel patterns, home/work locations, and search intent without informed user awareness.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The script sends user-supplied origin and destination data to an external service through OneKeyAgentRouter without any notice, consent flow, or indication that sensitive location information will leave the local environment. Location data can reveal home, work, travel patterns, or other sensitive personal information, so undisclosed transmission creates a real privacy and compliance risk even if the functionality is expected for a maps integration.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The script sends user-supplied latitude/longitude data to an external service through OneKeyAgentRouter without any notice, consent flow, or disclosure that precise location data will leave the local environment. Location data is sensitive personal information, and silent transmission can create privacy, compliance, and user-trust risks, especially if used on behalf of others or in regulated contexts.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding
User-supplied address data is transmitted to an external routing service without any warning, consent prompt, or disclosure in the script. Addresses are often sensitive personal or business location data, so silent transfer to a third party increases privacy risk and may violate user expectations or policy requirements.

VirusTotal

64/64 vendors flagged this skill as clean.