Mapbox MCP Devkit Patterns

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Mapbox development helper whose account and token workflows are expected for its purpose, but users should still handle Mapbox tokens carefully.

Install this only if you intend to let an MCP-enabled assistant work with your Mapbox account. Prefer hosted OAuth when possible, use least-privilege and domain-restricted tokens, keep real tokens out of repositories and chat transcripts, and require explicit confirmation before uploads, updates, or deletes against production Mapbox assets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings (Medium, 83% confidence)

The skill documents token creation capabilities and scope selection, but it does not explicitly warn that generated tokens are sensitive credentials that must not be exposed, logged, or over-scoped. In an AI-assisted workflow, this omission can lead users to create powerful tokens casually and paste or store them in insecure places, increasing the chance of credential leakage or misuse.

Missing User Warnings (Medium, 93% confidence)

The self-hosted example places a Mapbox access token directly in a configuration snippet without any warning about secret handling. Users may copy this pattern into checked-in config files or shared workspace settings, causing accidental credential exposure and unauthorized access to Mapbox resources.

Missing User Warnings (Medium, 86% confidence)

The skill explicitly promotes token creation and listing by an AI assistant but provides no warning about credential sensitivity, secure storage, least-privilege scopes, or avoiding exposure in chat logs and code. In a skill designed for AI-assisted development, that omission increases the chance that users will handle real Mapbox tokens insecurely or request overly broad credentials.

Missing User Warnings (Medium, 93% confidence)

The self-hosted example places `MAPBOX_ACCESS_TOKEN` directly in a JSON configuration snippet as a plaintext secret, with no warning about secret handling, accidental commits, or use of a safer secret source. In setup documentation for AI assistants, users commonly copy-paste examples into repo-local config files, which increases the chance of credential exposure through source control, logs, screenshots, or shared workspace files.

Missing User Warnings (Medium, 88% confidence)

The workflow explicitly encourages listing all Mapbox tokens and their scopes without warning that token values are secrets and should not be displayed broadly in chat, logs, screenshots, or shared assistant transcripts. In an AI coding assistant context, this is more dangerous because model conversations may be retained, summarized, or exposed to collaborators, increasing the risk of credential disclosure and subsequent unauthorized API use.

VirusTotal

42/42 vendors flagged this skill as clean.