Google Maps Search Api Skill
PassAudited by ClawScan on May 1, 2026.
Overview
The skill appears to do what it claims—use a local Python wrapper to send Google Maps search requests to BrowserAct—but users should notice that it uses a BrowserAct API key and a provider-hosted workflow.
Install only if you are comfortable sending the search terms and task requests to BrowserAct and using your BrowserAct API quota. Set the API key securely as an environment variable, review large result counts before running, and verify BrowserAct's provider/template trust and pricing.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A failed search may be run a second time automatically, potentially using more API quota or time.
The skill instructs the agent to run a local script with user-selected search parameters and to retry once on some failures. This is purpose-aligned and bounded, but it may consume additional time or BrowserAct usage.
python -u ./scripts/google_maps_search_api.py "search keywords" "language" "country" count ... automatically try to re-execute the script once
For broad or costly searches, confirm the keywords, country, and result count before running, and stop after the documented single retry if it fails.
If the key is exposed, someone could use the user's BrowserAct account or quota.
The script uses a BrowserAct API key from the environment as a bearer token. This is expected for the service, and there is no evidence it is logged or sent elsewhere, but it is still account authority.
api_key = os.getenv("BROWSERACT_API_KEY") ... headers = {"Authorization": f"Bearer {api_key}"}Prefer setting the key as an environment variable, avoid pasting it into shared chats or logs, and rotate or monitor the key if exposure is suspected.
The actual browser automation is performed by BrowserAct's hosted workflow, so provider behavior, availability, and account billing matter.
The core extraction work is delegated to a hardcoded BrowserAct-hosted workflow template rather than code fully contained in the artifact. This is disclosed and central to the skill, but users should trust the provider and template provenance.
TEMPLATE_ID = "77805072070738748" API_BASE_URL = "https://api.browseract.com/v2/workflow"
Verify the BrowserAct account, template, and pricing before use, especially for large searches.