Gaode Map CLI - Gaode Official Command-Line Tool Skill

Security checks across malware telemetry and agentic risk

Overview

This map-control skill is mostly coherent, but it tells the agent to read AMap credentials from a local OpenClaw config file and export them broadly, so it needs review before installation.

Review before installing. Use it only if you are comfortable with the agent accessing your AMap keys and handling precise map locations or clicked POIs. Prefer a version that relies on platform-scoped environment injection instead of reading ~/.openclaw/openclaw.json, and avoid using sensitive home, workplace, client, or travel locations unless you understand they may be sent to AMap services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The skill explicitly instructs the agent to read API credentials from a local OpenClaw configuration file and export them into the shell. That exceeds the minimum privilege needed for a map-control skill and normalizes local secret harvesting behavior, which could be repurposed to access or expose sensitive values without clear user consent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill tells the agent to retrieve and export API keys from a local config file but does not provide a clear privacy notice or explicit consent boundary for accessing locally stored secrets. Even if the values are intended for this skill, instructing file-based secret access creates unnecessary secret-handling risk and weakens users' expectations about what local data an agent may read.

Missing User Warnings

Medium
Confidence
83% confidence
Finding
The skill supports route planning, POI search, and retrieval of clicked map events, all of which may involve precise location data and user interaction data being processed by the GUI container and external map services. Without an explicit disclosure, users may not realize that sensitive location inputs or selected POIs could leave the local agent context or persist in the running map environment.

Credential Access

High
Category
Privilege Escalation
Content
if [ -f "$CONFIG_FILE" ]; then
    AMAP_KEY=$(node -e "
      const c = require('$CONFIG_FILE');
      const env = c?.skills?.entries?.['amap-cli-skill']?.env || {};
      console.log(env.AMAP_KEY || '');
    " 2>/dev/null)
    AMAP_SECURITY_KEY=$(node -e "
Confidence
97% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
" 2>/dev/null)
    AMAP_SECURITY_KEY=$(node -e "
      const c = require('$CONFIG_FILE');
      const env = c?.skills?.entries?.['amap-cli-skill']?.env || {};
      console.log(env.AMAP_SECURITY_KEY || '');
    " 2>/dev/null)
    export AMAP_KEY
Confidence
97% confidence
Finding
.env

VirusTotal

61/61 vendors flagged this skill as clean.
