Security audit

Baidu Map Harmonyos SDK（百度地图官方鸿蒙 SKills）

Security checks across malware telemetry and agentic risk

Overview

This skill is mainly a Baidu Maps HarmonyOS SDK helper, but it tells agents to automatically change dependencies, rewrite imports, and run install/build commands without asking first.

Install only if you are comfortable with the agent making Baidu SDK dependency changes. Before using it, require confirmation for ohpm uninstall/install, bulk import rewrites, and build commands, and review diffs after any package migration. Treat API keys, precise location, route text, device identifiers, and background location permissions as sensitive data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (11)

Intent-Code Divergence

Medium

Confidence: 86% confidence
Finding: The documentation claims this class is safe for concurrent coordinate conversion because it does not depend on the main thread's global coordinate type, but this method explicitly states it still uses Initializer.coordType internally. In a multithreaded mapping or navigation context, that mismatch can cause race-prone or incorrect coordinate interpretation, leading to wrong locations, route calculations, or geospatial decisions based on inconsistent state.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The documentation exposes APIs for accessing or setting sensitive values such as authToken, CUID, ZID, app/device metadata, and aggregated device parameters without any warning about privacy, consent, storage, transmission, or regulatory handling. In a mapping and location SDK context, these identifiers can be combined with location and network data to enable device tracking, account abuse, or leakage of authentication material if developers use them carelessly.

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The documentation describes setting and retrieving an API key but provides no warning that the key is a sensitive credential, nor any guidance to avoid hardcoding, logging, or exposing it in client-accessible artifacts. In an SDK skill focused on app integration, this omission can lead developers to embed the key insecurely, increasing the chance of credential leakage, abuse of map services, quota exhaustion, or unauthorized billing-related usage.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The documentation describes APIs that launch the external Baidu Maps app for homepage, marker, geocoder, route, and direction flows, but it does not warn developers or end users about the app handoff or the potential disclosure of sensitive location, route, and destination data to another application. In a location/navigation SDK context, this omission can lead to privacy surprises, insufficient consent UX, and insecure integrations where users are not clearly informed that map and travel data leaves the current app boundary.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The documentation exposes continuous and one-shot location APIs without any warning about consent, permissions, retention, or responsible handling of precise location data. In a location/navigation SDK, developers may copy these examples directly, which increases the risk of building apps that collect or track users without adequate notice or authorization.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The guidance explicitly tells the agent to perform dependency-scheme switching automatically and "无需额外询问用户", which removes an important user-consent checkpoint before changing project state. In an agent context, automatic package changes can alter build behavior, introduce breakage, or remove dependencies the user did not intend to modify, making this operationally unsafe even if the package-management goal is legitimate.

Missing User Warnings

High

Confidence: 98% confidence
Finding: This section instructs the agent to uninstall packages, bulk-rewrite imports across source files, and run install/build commands automatically, all without a documented warning about destructive impact or rollback planning. In a coding-agent setting, this creates a real risk of unintended codebase modification, broken builds, and hard-to-review mass changes, especially because the instructions normalize autonomous source edits and dependency removal.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The guide recommends requesting precise, approximate, background location, and multiple network/device information permissions without accompanying privacy guidance, consent requirements, or data-minimization advice. In a navigation SDK context, background and continuous location access can expose highly sensitive movement data if developers follow the document as-is and fail to implement clear user disclosure and runtime consent flows.

Missing User Warnings

Low

Confidence: 88% confidence
Finding: The sample TTS plugin logs spoken navigation text, which may include sensitive route or destination-related content and could be captured in debug logs, crash reports, or shared diagnostics. While this is example code in a developer guide, it normalizes logging potentially privacy-sensitive user context without warning or sanitization.

Autonomous Decision Making

Medium

Category: Excessive Agency
Content: - `@bdmap/locsdk` 为独立定位包，不受上述互斥限制，可与任何方案搭配使用。 - 详细规则、自动切换流程与场景建议见：[包管理规范](references/guidelines/package-management.md)。 5. **运行检测（Auto Run 构建）** - 每次完成与百度地图 HarmonyOS SDK 相关的代码改动后，必须按照约定的 Auto Run 流程执行一次构建与 ArkTSCheck，自检是否存在编码错误。 - 核心命令为：`ohpm install` + `hvigorw assembleHap --mode module -p product=default -p buildMode=debug --no-daemon`。 - 详细流程与错误分类处理见：[构建与编码错误自检规范](references/guidelines/build-and-test.md)。
Confidence: 93% confidence
Finding: Auto Run

Autonomous Decision Making

Medium

Category: Excessive Agency
Content: - 详细规则、自动切换流程与场景建议见：[包管理规范](references/guidelines/package-management.md)。 5. **运行检测（Auto Run 构建）** - 每次完成与百度地图 HarmonyOS SDK 相关的代码改动后，必须按照约定的 Auto Run 流程执行一次构建与 ArkTSCheck，自检是否存在编码错误。 - 核心命令为：`ohpm install` + `hvigorw assembleHap --mode module -p product=default -p buildMode=debug --no-daemon`。 - 详细流程与错误分类处理见：[构建与编码错误自检规范](references/guidelines/build-and-test.md)。
Confidence: 92% confidence
Finding: Auto Run

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.