Google Maps Skill

Security checks across malware telemetry and agentic risk

Overview

This Google Maps helper matches its stated purpose, but it uses a Google Maps API key, can expose that key in error output (failed request URLs, key included, are surfaced without redaction), and sends user location data to Google.

Review before installing. Use a Google Maps API key restricted to the needed APIs and domains, set quota and billing limits, avoid submitting sensitive home/work addresses or private route data unless necessary, and patch error handling to redact query parameters or API keys before logging request URLs.
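The redaction step in the last recommendation, as an added example that is not the skill's own code: the URL is parsed and its credential and location query parameters masked, and known secret values are scrubbed from exception text and from every log record. Google's `key` parameter is real; the other parameter names, the `RedactingFilter` class and the sample key and URL are assumptions constructed for the example.

```python
"""Added example, not the skill's own code: mask API keys (and, as an
assumption, location parameters) in request URLs and exception text before
they reach logs. Parameter names other than Google's `key` are assumptions."""
import logging
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

REDACTED = "REDACTED"
# Google Maps web services pass the API key as `key`; the rest are common
# credential parameter names added as a precaution (assumption).
SECRET_PARAMS = {"key", "api_key", "apikey", "token", "signature"}
# Query parameters that carry user location data (assumed names); masked so
# that home/work addresses do not end up in local logs either.
LOCATION_PARAMS = {"address", "origin", "destination", "latlng", "location", "waypoints"}


def redact_url(url: str) -> str:
    """Return the URL with secret and location query values replaced."""
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    masked = [
        (name, REDACTED if name.lower() in SECRET_PARAMS | LOCATION_PARAMS else value)
        for name, value in pairs
    ]
    return urlunsplit((parts.scheme, parts.netloc, parts.path, urlencode(masked), parts.fragment))


def scrub_secrets(text: str, secrets) -> str:
    """Replace every literal occurrence of a known secret value in text."""
    for secret in secrets:
        if secret:
            text = text.replace(secret, REDACTED)
    return text


def describe_failure(url: str, exc: BaseException, secrets) -> str:
    """Log-safe description of a failed request. HTTP client libraries often
    embed the full request URL in the exception message, so the raw URL is
    swapped for its masked form before secret values are scrubbed."""
    detail = scrub_secrets(str(exc).replace(url, redact_url(url)), secrets)
    return f"Google Maps request failed: {type(exc).__name__}: {detail} (url={redact_url(url)})"


class RedactingFilter(logging.Filter):
    """Logging filter that scrubs known secret values from every record, so
    call sites that log URLs or exceptions directly are covered as well."""

    def __init__(self, secrets):
        super().__init__()
        self.secrets = [s for s in secrets if s]

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = scrub_secrets(str(record.msg), self.secrets)
        if isinstance(record.args, tuple):
            record.args = tuple(
                scrub_secrets(a, self.secrets) if isinstance(a, str) else a for a in record.args
            )
        return True


if __name__ == "__main__":
    # Constructed inputs: a fake key and a geocoding request that fails.
    api_key = "AIzaFAKE-EXAMPLE-KEY-000"
    url = ("https://maps.googleapis.com/maps/api/geocode/json"
           f"?address=1600+Amphitheatre+Pkwy&key={api_key}")
    logger = logging.getLogger("maps_skill")
    logger.addFilter(RedactingFilter([api_key]))
    logging.basicConfig(level=logging.INFO)
    try:
        raise RuntimeError(f"403 Client Error: Forbidden for url: {url}")
    except RuntimeError as exc:
        logger.error(describe_failure(url, exc, [api_key]))
        logger.error("raw attempt: %s", url)  # the filter still masks the key value
```

Masking by parameter name and scrubbing by secret value are deliberately both present: name-based masking keeps the logged URL readable, while value-based scrubbing catches the key wherever a library chose to echo it, including exception messages that do not contain the exact request URL.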

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 92%
Finding:
The skill explicitly relies on an environment variable (`GOOGLE_MAPS_API_KEY`) and makes outbound Google Maps API calls, but the manifest does not declare the corresponding env and network permissions. This creates a transparency and policy gap: the agent may access sensitive credentials and external services without clear upfront disclosure or enforcement, increasing the risk of unintended secret use or data egress.
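A static check for the gap this finding describes, as an added example that is neither the skill's nor SkillSpector's code: it extracts the environment variables a script reads and the hosts it contacts, and compares them with what the manifest declares. The manifest layout (`permissions.env`, `permissions.network`), the `SAMPLE_SCRIPT` and the sample manifests are assumptions constructed for illustration; the check also flags a `*` network declaration, the wildcard-permission pattern listed above.

```python
"""Added example, not SkillSpector's or the skill's code: detect environment
variables and outbound hosts a skill script uses but its manifest does not
declare. The manifest schema used here is an assumption."""
import re
from urllib.parse import urlsplit

# os.environ["X"], os.environ.get("X"), os.getenv("X")
ENV_READ = re.compile(
    r"""os\.(?:environ(?:\.get)?\s*[\[\(]|getenv\s*\()\s*["']([A-Z0-9_]+)["']"""
)
# String literals that start with http:// or https://
URL_LITERAL = re.compile(r"""["'](https?://[^"'\s]+)""")


def used_capabilities(source: str):
    """Return (env variable names, hostnames) referenced in the source text."""
    envs = set(ENV_READ.findall(source))
    hosts = {urlsplit(u).hostname for u in URL_LITERAL.findall(source)}
    return envs, {h for h in hosts if h}


def undeclared(source: str, manifest: dict) -> list:
    """List capabilities used by the script but absent from the manifest,
    plus a note if the network declaration is a wildcard."""
    perms = manifest.get("permissions", {})
    declared_env = set(perms.get("env", []))
    declared_net = set(perms.get("network", []))
    envs, hosts = used_capabilities(source)
    findings = []
    if "*" in declared_net:
        findings.append("network permission uses wildcard '*'; declare specific hosts instead")
    for name in sorted(envs - declared_env):
        findings.append(f"env variable {name} read but not declared")
    for host in sorted(hosts):
        covered = "*" in declared_net or any(
            host == d or host.endswith("." + d) for d in declared_net
        )
        if not covered:
            findings.append(f"outbound host {host} contacted but not declared")
    return findings


# Constructed sample: a script with the same shape the finding describes.
SAMPLE_SCRIPT = '''
import os, requests
KEY = os.environ["GOOGLE_MAPS_API_KEY"]
def geocode(address):
    r = requests.get("https://maps.googleapis.com/maps/api/geocode/json",
                     params={"address": address, "key": KEY}, timeout=10)
    return r.json()
'''
# Constructed manifests: one with no permissions block, one declaring exactly
# what the script needs, one with a wildcard network grant.
MANIFEST_EMPTY = {"name": "google-maps", "permissions": {}}
MANIFEST_OK = {"name": "google-maps", "permissions": {
    "env": ["GOOGLE_MAPS_API_KEY"], "network": ["maps.googleapis.com"]}}
MANIFEST_WILDCARD = {"name": "google-maps", "permissions": {
    "env": ["GOOGLE_MAPS_API_KEY"], "network": ["*"]}}

if __name__ == "__main__":
    for label, manifest in (("empty", MANIFEST_EMPTY), ("ok", MANIFEST_OK),
                            ("wildcard", MANIFEST_WILDCARD)):
        print(label, undeclared(SAMPLE_SCRIPT, manifest))
```

Host matching accepts a declared domain and its subdomains, so a manifest declaring `googleapis.com` would cover `maps.googleapis.com`; the regexes only see literal strings, so a URL assembled at runtime from pieces is a gap this check cannot close.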

Vague Triggers

Medium
Confidence: 84%
Finding:
The trigger description covers broad cases such as 'Google Maps queries', 'international route planning', 'place search', or any need to call Google Maps APIs via script, without clear limits on when the skill should or should not activate. Overly broad activation can cause the agent to invoke this networked, credential-using skill in situations where a simpler or safer response would suffice, leading to unnecessary external data disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.