ClawHub

LovTrip China Map (Amap)

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate China map helper, but its fallback shell script has an input-handling flaw that can run unintended local code from crafted address or keyword text.

Review before installing. Prefer the MCP path only from a pinned, trusted LovTrip package version, use a restricted Amap API key, and avoid `scripts/amap.sh` with untrusted address, city, or keyword text until its quoting is fixed. Do not submit highly sensitive home, work, or travel locations unless you are comfortable sending them to the map providers used by the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill declares only `Bash, Read` in metadata, but its documented setup and fallback behavior clearly enable external network access via an MCP server and direct REST API calls. This creates a capability/permission mismatch that can mislead users and security controls about what data leaves the environment, especially when handling addresses and precise locations.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
This skill processes sensitive location data such as addresses, coordinates, nearby searches, and route endpoints, but it does not warn users that these inputs will be sent to third-party services. In a mapping context this is especially sensitive because location history, home/work addresses, and travel plans can reveal highly personal information even when the functionality itself is legitimate.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script transmits user-provided addresses, coordinates, route endpoints, and search keywords to the external Amap API without any explicit disclosure or consent prompt. In a location-services skill, this is contextually expected, but geographic queries can still contain sensitive home/work locations or travel plans, so silent exfiltration to a third party creates a real privacy risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal