amazon-location-service
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a collection of reference materials and code examples for integrating Amazon Location Service APIs (Maps, Places, Routes, etc.). It contains no executable scripts or malicious patterns.
- [EXTERNAL_DOWNLOADS]: The documentation references official AWS SDK packages (e.g.,
@aws-sdk/client-geo-places) and well-known CDNs (unpkg.com, jsdelivr.net) for loading MapLibre and AWS client libraries. These are standard, trusted sources for web development. - [CREDENTIALS_UNSAFE]: Code examples include placeholders for authentication (e.g.,
API_KEY,IDENTITY_POOL_ID). The skill provides explicit guidance on securing API keys using domain restrictions and standard AWS authentication helpers, mitigating risks associated with client-side credential usage. - [INDIRECT_PROMPT_INJECTION]: The skill provides patterns for handling user-provided address strings and search queries. While this is an ingestion point for untrusted data, the guidance promotes using structured API commands and validation steps, which is consistent with standard application development and does not introduce unusual vulnerability surfaces.
Audit Metadata