Recreation Information Database Search
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: ridb-search Version: 1.0.0 The skill bundle is benign. The `scripts/search.py` script accesses the `RIDB_API_KEY` environment variable and makes network requests to `nominatim.openstreetmap.org` and `ridb.recreation.gov`. These actions are explicitly documented in `SKILL.md` and `README.md` and are essential for the skill's stated purpose of searching the Recreation Information Database. There is no evidence of unauthorized data exfiltration, malicious execution, persistence, obfuscation, or prompt injection attempts against the agent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You will need to provide a RIDB API key; the included code sends it to the RIDB API in the expected `apikey` header.
The skill requires a service API key, which is appropriate for RIDB searches, but users should notice this because the registry metadata declares no required credentials or environment variables.
Requires a free RIDB API key ... Set environment variable: `export RIDB_API_KEY=your_key_here`
Use a dedicated RIDB key if possible, prefer the documented environment variable over pasting keys into shared command logs, and remove or rotate the key if you no longer use the skill.
Search locations or coordinates may be shared with OpenStreetMap/Nominatim and RIDB to return campground results.
Location-name searches are sent to an external geocoding provider, and coordinates are then used with RIDB; this is disclosed and purpose-aligned, but it is still an external data flow.
Geocoding uses OpenStreetMap/Nominatim (free, no key required)
Avoid entering sensitive home or private locations if you do not want those queries sent to the external geocoding/search services.