Virtual Traveling Bot

Create immersive travel experiences by instructing an avatar to navigate Google Maps. Report on the journey's progress with real-time updates and photos, enhancing your virtual exploration. Engage with a unique travel narrative that integrates social media interactions seamlessly. Smithery Remote Edition now supports image compositing via nano-banana. Enjoy text-based journeys on the map. For more advanced usage, consider building it in a local environment. https://www.npmjs.com/package/@mfukushim/map-traveler-mcp If you connect without making any settings, it will operate in practice mode. Set the Google Maps API token, Turso SQLite API token, and Gemini Image API token to travel on real maps with the Smithery version. Streamable-http connection is now supported. Note: If the route cannot be determined, please re-specify the starting point. In rare cases, the coordinates of the starting point may be reset to 0, and we are currently investigating the cause.

database
0Tools
2Findings
Mar 19, 2026Last Scanned

Security Category Deep Dive

Prompt Injection
Prompt & context manipulation attacks
69
Maturity
14
Rules
5
Sub-Categories
1
Gaps
64%
Implemented
56
Tests
1
Stories
PI-DIRDirect Input Injection
100%3 rules
Injection via tool descriptions and parameter fields
GAP-001Prompt Injection Coverage GapMissing detection coverage for emerging prompt injection attack variants not addressed by current rules
PI-INDIndirect / Gateway Injection
100%4 rules
Hidden instructions via external content and tool responses
PI-CTXContext Manipulation
100%2 rules
Context window saturation and prior-approval exploitation
PI-ENCEncoding & Obfuscation
100%3 rules
Payload hiding via invisible chars, base64, schema fields
PI-TPLTemplate & Output Poisoning
100%2 rules
Injection via prompt templates and runtime tool output
Framework Coverage
OWASP MCP Top 1014/14
MITRE ATLAS14/14
CoSAI MCP2/14
OWASP Agentic Top 1012/14
Kill Chain Phases
0Initial Access
0Defense Evasion
0Execution
0Persistence