Back to skill

Security audit

Google Maps Search Api

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does what it claims, but it tells the agent to collect an API key in chat and may proactively send business-search queries to BrowserAct without an explicit confirmation step.

Review before installing. Use this only if you are comfortable sending Google Maps search terms and task parameters to BrowserAct, and set BROWSERACT_API_KEY through your environment or a secure secret store rather than pasting it into chat. Confirm each run when searches may reveal sensitive business plans, lead lists, or customer targets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill directs the agent to read an environment variable and perform networked script execution, but it does not declare those capabilities. Hidden or undeclared capabilities reduce transparency and policy enforcement, making it easier for a user or host platform to invoke code with broader access than expected.

Vague Triggers

Medium
Confidence
85% confidence
Finding
The activation guidance is broad enough that the skill may trigger on common business-search requests without the user explicitly asking to use this external API workflow. That can cause unintended execution of code and transmission of user queries to a third-party service, which is a security and privacy concern in agent environments.

Ssd 3

Medium
Confidence
98% confidence
Finding
The skill explicitly tells the agent to ask the user to paste an API key into chat. Chat messages are often logged, retained, exposed to other tools, or visible in transcripts, so collecting secrets through chat significantly increases the risk of credential leakage and downstream account compromise.

External Transmission

Medium
Category
Data Exfiltration
Content
# 1. Start Task
    try:
        res = requests.post(f"{API_BASE_URL}/run-task-by-template", json=payload, headers=headers).json()
    except Exception as e:
        print(f"Error: Connection to API failed - {e}")
        return None
Confidence
88% confidence
Finding
requests.post(f"{API_BASE_URL}/run-task-by-template", json=

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.