ClawHub

Baidu AI Map(百度地图官方AI SKills)

v1.0.5

百度地图 Agent Plan ,调用AI地点检索、AI路线规划、地理编码、逆地理编码、天气查询五类能力。

138· 721·2 current·2 all-time
bybaidu-maps@lbs-bmap
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Baidu 地图 AI 功能) match the declared requirement of a BAIDU_MAP_AUTH_TOKEN and use of curl to call Baidu Map APIs; requested credential and declared primaryEnv are appropriate for a mapping API integration.
Instruction Scope
SKILL.md contains only API call patterns and rules for parameter handling and authentication; it does not instruct reading unrelated files, extra environment variables, or sending data to third-party endpoints outside the documented Baidu base URL.
Install Mechanism
No install spec and no code files — instruction-only skill — so nothing is written to disk or downloaded. This is the lowest-risk install profile.
Credentials
Only a single API token (BAIDU_MAP_AUTH_TOKEN) is required and used for Authorization headers as expected. There are no unrelated secrets, extra config paths, or unexplained environment access.
Persistence & Privilege
always is false and the skill does not request persistent/privileged system presence or modify other skill/system configuration. The skill can be invoked autonomously by the agent (platform default), which is appropriate for this integration.
Assessment
This skill looks internally consistent and limited in scope, but before installing: 1) Treat BAIDU_MAP_AUTH_TOKEN as a secret — only provide a token with the minimum necessary scope and rotate/revoke it if compromised. 2) Verify the skill's provenance (registry owner vs. the claimed GitHub repo and Baidu docs at https://lbs.baidu.com) to ensure it's an official or trusted integration. 3) Be aware that when the agent uses this skill it will send the token in Authorization headers to https://api.map.baidu.com/ — ensure that network egress and data-sharing policies are acceptable. 4) Because the skill is agent-invocable, confirm you are comfortable with the agent making API calls on your behalf (this is normal but worth noting). 5) If you need stricter controls, consider using a token with limited quota/permissions or placing network/workflow guards around the agent.

Like a lobster shell, security has layers — review code before you run it.

latestvk97abzspwf7ktyx5nwcrjx0vkx84sv42

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

Binscurl
EnvBAIDU_MAP_AUTH_TOKEN
Primary envBAIDU_MAP_AUTH_TOKEN

Comments