ClawHub

Ncloud Maps

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but it handles sensitive route locations and prints exact coordinates to logs without clear user-facing disclosure.

Install only if you are comfortable sending route locations to Naver Cloud Maps and with exact route coordinates appearing in runtime logs. Use a dedicated, least-privilege Naver Maps API key, avoid sensitive home/work/customer routes unless appropriate, protect any .env file, and prefer removing or disabling coordinate logging before production use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Low
Confidence
91% confidence
Finding
The function logs user-supplied start, goal, and waypoint coordinates directly to the console. Route coordinates are sensitive location data, and writing them to logs can expose users' travel history or precise locations to operators, log aggregation systems, or anyone with access to runtime logs. In this context, the skill's purpose does not require persistent logging of raw coordinates, so the exposure is unnecessary.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The function logs precise start, goal, and waypoint coordinates to the console and then transmits them to Naver Cloud Maps, but there is no built-in notice, consent flow, or minimization around this sensitive location data handling. Exact route data can reveal home/work locations or travel patterns, and console logs may be retained in server logs, CI output, or shared observability systems beyond the intended API call.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal