Back to skill

Security audit

Google Maps Search Api Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward BrowserAct integration for Google Maps business searches, with expected API-key and network use but no hidden persistence or destructive behavior.

Install this only if you are comfortable sending Google Maps search terms, location filters, and BrowserAct API usage to BrowserAct. Keep the API key in an environment variable, avoid pasting it into shared logs or chats, and review sensitive competitor, prospecting, or location-based searches before running them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill requires an environment variable and instructs execution of a Python script that calls an external BrowserAct service, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: the agent may access secrets and transmit user-supplied queries to the network without an explicit permission model, increasing the chance of unintended data disclosure or unsafe execution.

Vague Triggers

High
Confidence
97% confidence
Finding
The description tells the agent to proactively apply the skill across a wide range of loosely related business-research requests, which can trigger the tool without sufficiently specific user intent. In practice, that can cause unanticipated external API calls, unnecessary transmission of search terms, and collection of third-party business data when the user did not explicitly ask to use this integration.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill does not warn users that their search keywords, localization parameters, and potentially sensitive business-research intent will be sent to a third-party API service. This undermines informed consent and may expose confidential market research, prospecting targets, or location-sensitive queries to an external provider.

External Transmission

Medium
Category
Data Exfiltration
Content
# 1. Start Task
    print(f"Start Task", flush=True)
    try:
        res = requests.post(f"{API_BASE_URL}/run-task-by-template", json=payload, headers=headers).json()
    except Exception as e:
        print(f"Error: Connection to API failed - {e}", flush=True)
        return None
Confidence
84% confidence
Finding
requests.post(f"{API_BASE_URL}/run-task-by-template", json=

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.