Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Brouter

v1.0.2

Generate GPX bike routes via brouter.de. Use when the user wants a bike route as a GPX file between two places, optionally specifying a routing profile. http...

0 · 216 · 1 current · 1 all-time

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

VirusTotal: Benign

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
Name/description match the code and instructions: index.js calls brouter.de, produces GPX, and writes files. Dependencies (node-fetch, gpx-parse) are proportional to the task.
Instruction Scope
SKILL.md correctly requires geocoding to coordinates before calling index.js and instructs how to run the module. However it does not advise which geocoder to use (so agents may call arbitrary external geocoders) and does not warn about the implementation's logging or output-path controls. The run instruction expects the agent to perform geocoding externally, which is reasonable but expands the set of external services used and potential data exposure.
Install Mechanism
There is no install spec (instruction-only at runtime), but package.json lists npm dependencies. Users/agents will need to ensure node modules are installed (npm install) prior to running index.js.
Credentials
The skill requests no environment variables or credentials. However, the implementation logs the full options object (including start/end coordinates and any labels) to a local brouter.log file and includes full request context in success/error logs — a privacy concern since location data is sensitive.
Persistence & Privilege
The skill writes files to disk (routes/ by default) and maintains a persistent brouter.log alongside the skill. It allows overriding outputDir and fileName; provided fileName/outputDir are not sanitized, a malicious or buggy agent invocation could cause files to be written to unexpected filesystem locations (path traversal / arbitrary write). always:false and normal invocation privileges mitigate but do not remove this risk.
What to consider before installing
This skill generally does what it says (calls brouter.de and writes a GPX file), but review these issues before installing:

- Network privacy: index.js calls brouter.de over plain HTTP (http://brouter.de). Coordinates and route requests will be sent unencrypted and could be intercepted. Prefer HTTPS or confirm brouter.de behavior.
- Local logging: the skill appends structured logs (including the options object, which contains start/end coordinates) to brouter.log in the skill directory. If you care about location privacy, plan for log retention, rotation, or disable logging.
- File-write controls: you can override outputDir and fileName when invoking run(). The code does not sanitize a supplied fileName/outputDir, so a malicious or buggy invocation might write files outside the intended routes/ folder. Restrict who/what can call this skill or validate inputs before invoking.
- Geocoding: SKILL.md asks the agent to geocode free-text locations. That will involve calling external geocoding services (and sending user location text) — choose a trusted geocoder and be aware of the data sent to it.
- Runtime setup: package.json lists dependencies; ensure node modules are installed in a controlled environment (npm install) before use.

If you accept these risks, restrict invocation to trusted agents/processes, run the skill in a sandboxed environment, prefer HTTPS, and consider editing index.js to (a) use HTTPS, (b) avoid writing sensitive data to logs or make logging optional, and (c) validate/sanitize outputDir and fileName to prevent arbitrary writes.
