spots

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Google Places CLI helper, with expected but sensitive setup around a Google API key.

Before installing, verify the GitHub repository and consider pinning a known version instead of using @latest. Use a Google API key restricted to Places and Geocoding, set quotas or billing alerts, and avoid publishing exact secret-manager paths or exposing the key outside intentional CLI use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium (81% confidence)

Finding:
The skill instructs users to configure a Google Places API key but does not include any guidance on safe handling, scoping, billing exposure, or privacy implications of using location/search data. In an agent-skill context, this omission increases the chance that users will paste high-privilege credentials into insecure environments or use unrestricted keys that can be abused if exposed.

Ssd 3

Medium (93% confidence)

Finding:
The document discloses a concrete 1Password secret path for the Google API key, which reveals where a sensitive credential is stored and how it is named. Even without the secret value itself, this materially lowers the effort for an insider, compromised agent, or social-engineering attacker to target the exact vault item and can facilitate credential theft or misuse.

VirusTotal

66/66 vendors flagged this skill as clean.