Baidu Map IOS SDK (Baidu Maps Official iOS Skills)

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent instruction-only Baidu Maps iOS SDK guide, with expected notes around local build/package commands, Baidu API keys, and location permissions.

This skill appears safe to use for Baidu Maps iOS integration. Before installing or invoking it, be ready to review Podfile/dependency changes, run builds only in a working copy, protect your Baidu AK, and ensure any generated location or background-location behavior has clear privacy prompts and user consent.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may run local builds and edit project files until the build succeeds.

Why it was flagged

The skill tells the agent to run local build tooling and make iterative code fixes. That is aligned with an iOS SDK integration workflow, but it can change the user's project without a separate approval step for each repair.

Skill content

Automatically run the build: use `xcodebuild ... build` ... if the build reports errors ... fix immediately ... loop ... until the build passes

Recommendation

Use it in a working copy, confirm the workspace/scheme before running builds, and review diffs before committing.

What this means

The project may add or update third-party SDK dependencies and generated workspace files.

Why it was flagged

The skill directs dependency installation through CocoaPods in the user's project. This is expected for Baidu iOS SDK integration, but it changes project dependencies.

Skill content

First configure and run CocoaPods (write/complete the Podfile → run `pod install` → open using the generated `.xcworkspace`)

Recommendation

Verify the Podfile entries, prefer official Baidu SDK pods, keep a lockfile, and review dependency changes.

What this means

A real Baidu AK may be inserted into the app configuration or code.

Why it was flagged

The skill requires a Baidu application key tied to the user's app identity. This is normal for Baidu SDK access and no artifact shows hardcoded keys or leakage.

Skill content

Apply for an iOS application AK ... the Bundle Identifier must match `PRODUCT_BUNDLE_IDENTIFIER` in the project ... replace `YOUR_AK` with the actual AK

Recommendation

Use a properly scoped Baidu iOS AK, restrict it to the correct Bundle Identifier, and avoid committing secrets beyond what the SDK requires.

What this means

If implemented, the app may request location access, including background location for relevant features.

Why it was flagged

The location documentation includes background-location capability. This is a sensitive app permission, but it is disclosed and tied to the map/location SDK purpose.

Skill content

Background location | allowsBackgroundLocationUpdates = YES, UIBackgroundModes includes location, and configure the location-related descriptions in Info.plist

Recommendation

Enable background location only when necessary, provide clear user-facing privacy text, and ensure the app asks for consent before initializing location SDK components.