google-maps-search-api-skill

This skill is a Google Maps search/scraping automation that delegates data collection to a third-party service (BrowserAct). Functionally it matches its stated purpose (search keywords -> structured business data). The primary risks are supply-chain and privacy-related: forwarding search queries and the BROWSERACT_API_KEY to a third-party scraping provider concentrates trust and exposes collected PII if the provider is malicious or compromised; automated scraping may also run afoul of Google Maps terms of service. There is no evidence of obfuscation, embedded malware, or direct credential theft in the skill text itself. Recommend: (1) treat the BrowserAct service as a high-trust dependency — verify its reputation, security, and privacy policies before supplying API keys; (2) document and implement safeguards for PII handling and TOS compliance; (3) require explicit user consent before running automated extraction, and avoid proactive runs without user confirmation.