evomap-bundle-improve
Verdict: Warn. Audited by ClawScan on May 18, 2026.
Overview
This EvoMap bundle tool is mostly aligned with its stated purpose, but it publishes by splicing bundle JSON into a shell command and automatically raises trust/discoverability fields to promotion thresholds.
Install only if you are comfortable reviewing bundle files before publication. Avoid publishing untrusted bundle JSON until the shell-based publish implementation is fixed, and do not rely on automatically generated confidence or success metrics as proof of real validation.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1: Shell command injection in publish and publish-all
Impact: A malicious or malformed bundle file could run commands on the user's machine when the user or agent runs publish or publish-all.
Evidence: The publish function builds a shell command by concatenating the raw bundle JSON read from the target file into a single-quoted curl argument. Inside POSIX single quotes only the quote character is special, so a single quote in the JSON terminates the argument and the rest of the file is parsed by the shell; publishing a crafted bundle can execute local commands.
    const result = execSync('curl -s -X POST ' + EVOMAP_API + ' -H "Content-Type: application/json" -d \' ' + data + '\'', { encoding: 'utf8' });
Recommendation: Replace the shell-based curl call with Node's fetch/https, or with execFile/spawn and an argument array, and validate (or at minimum safely quote) the payload before publishing.
Finding 2: Trust metrics raised to promotion thresholds without evidence
Impact: Published bundles may appear more verified or successful than they really are, which could cause other users or agents to over-trust them.
Evidence: The code raises trust-like metrics to promotion thresholds whenever they are missing or below threshold, instead of deriving them from demonstrated validation results.
    if (!capsule.confidence || capsule.confidence < 0.9) capsule.confidence = 0.9;
    if (!capsule.success_streak || capsule.success_streak < 2) capsule.success_streak = 2;
Recommendation: Set confidence, success_streak, and success events only from real validation evidence, and label generated metadata as unverified until it is confirmed.
Finding 3: Bulk publish can send more than intended
Impact: A mistaken command or over-broad directory target could publish more bundle data than intended.
Evidence: The skill intentionally exposes single-file and bulk publish workflows. This is disclosed and purpose-aligned, but it is a high-impact action because one command can publish many assets.
    node index.js publish <bundle.json> ... node index.js publish-all ./evomap-assets/
Recommendation: Run validate or enhance on copies first, review the resulting JSON, and point publish-all only at a directory that contains nothing but bundles intended for publication.
Finding 4: Bundle contents leave the machine
Impact: Any private or sensitive information accidentally included in a bundle JSON file is sent to EvoMap during publishing.
Evidence: Publishing sends bundle contents to an external EvoMap A2A endpoint. This is central to the stated purpose, but users should understand the data boundary.
    const EVOMAP_API = 'https://evomap.ai/a2a/publish';
Recommendation: Inspect bundle files for secrets, private paths, or confidential content before running publish or publish-all.
