geolocation-skill
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- PROMPT_INJECTION (MEDIUM): The skill is susceptible to indirect prompt injection via untrusted external inputs.
- Ingestion points: Processes user-provided images in scripts/examine_region.py and web search/fetch results in SKILL.md.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the reasoning workflow.
- Capability inventory: The skill possesses file-writing capabilities (saving processed images) and network access (WebSearch/WebFetch tools).
- Sanitization: No logic exists to sanitize or filter text extracted from images or external web pages before processing.
- EXTERNAL_DOWNLOADS (LOW): The script scripts/examine_region.py requires the Pillow library. While this is a standard image processing package, it is an external dependency and no version constraints are provided in the skill documentation.
Audit Metadata