ClawHub

travel-planner-plus

Security checks across malware telemetry and agentic risk

Overview

This travel-planning skill does what it claims, but users should be aware it uses external search, Baidu Maps, Feishu file delivery, and a Baidu API key.

Install only if you are comfortable with your trip details being used in web searches, Baidu Maps API calls, and a Feishu-delivered Word document. Use a dedicated Baidu Maps API key with limited quota, avoid sharing sensitive personal details in prompts, and review the generated file and recipient before sending.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (10)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill clearly performs network operations against search engines and Baidu Map APIs, yet no explicit permissions are declared. This weakens platform governance and user visibility into what external access the skill requires, making unintended data egress more likely.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill description omits an upfront warning that user trip details will be sent to external search and mapping providers. Travel dates, destinations, preferences, and possibly hotel/transport choices can reveal sensitive personal patterns, so hidden third-party transmission creates a real privacy risk.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill does not clearly warn users that it will generate and send a Word document containing their itinerary through Feishu. That document may contain personal travel plans, dates, locations, and preferences, so sending it through an external messaging platform without clear notice can expose private information.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
The script prints part of the Baidu API key to stdout, which can leak sensitive credentials into logs, terminal history, CI output, or monitoring systems. Even partial secret disclosure is risky because it confirms secret presence and may expose enough material for correlation or targeted abuse when combined with other leaks.

External Transmission

Medium
Category
Data Exfiltration
Content
```
地理编码API:
https://api.map.baidu.com/geocoding/v3/?address={地点}&output=json&ak={AK}

驾⻋路线API:
https://api.map.baidu.com/direction/v2/driving?origin={lat,lng}&destination={lat,lng}&ak={AK}
Confidence
93% confidence
Finding
https://api.map.baidu.com/

External Transmission

Medium
Category
Data Exfiltration
Content
https://api.map.baidu.com/geocoding/v3/?address={地点}&output=json&ak={AK}

驾⻋路线API:
https://api.map.baidu.com/direction/v2/driving?origin={lat,lng}&destination={lat,lng}&ak={AK}

公交路线API:
https://api.map.baidu.com/direction/v2/transit?origin={lat,lng}&destination={lat,lng}&ak={AK}
Confidence
93% confidence
Finding
https://api.map.baidu.com/

External Transmission

Medium
Category
Data Exfiltration
Content
https://api.map.baidu.com/direction/v2/driving?origin={lat,lng}&destination={lat,lng}&ak={AK}

公交路线API:
https://api.map.baidu.com/direction/v2/transit?origin={lat,lng}&destination={lat,lng}&ak={AK}
```

### Step 5: 智能排程
Confidence
93% confidence
Finding
https://api.map.baidu.com/

External Transmission

Medium
Category
Data Exfiltration
Content
### 地理编码(地址→坐标)

```bash
curl "https://api.map.baidu.com/geocoding/v3/?address={地址}&output=json&ak={AK}"
```

返回:`{ status: 0, result: { location: { lng: 经度, lat: 纬度 } } }`
Confidence
94% confidence
Finding
https://api.map.baidu.com/

External Transmission

Medium
Category
Data Exfiltration
Content
### 公交路线规划

```bash
curl "https://api.map.baidu.com/direction/v2/transit?origin={lat},{lng}&destination={lat},{lng}&ak={AK}"
```

返回:`{ status: 0, result: { routes: [{ distance: 距离(米), duration: 时间(秒), price: 费用 }] } }`
Confidence
94% confidence
Finding
https://api.map.baidu.com/

External Transmission

Medium
Category
Data Exfiltration
Content
### 驾⻋路线规划

```bash
curl "https://api.map.baidu.com/direction/v2/driving?origin={lat},{lng}&destination={lat},{lng}&ak={AK}"
```

---
Confidence
94% confidence
Finding
https://api.map.baidu.com/

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal