local-places
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from the Google Places API, creating a surface for indirect prompt injection if place descriptions or names are maliciously crafted.
- Ingestion points:
search_places,get_place_details, andresolve_locationsinsrc/local_places/google_places.pyfetch external data. - Boundary markers: Absent. No specific markers are used to delineate API data from system instructions.
- Capability inventory: The skill performs HTTP requests to Google and operates a local web server.
- Sanitization: Absent. The skill does not sanitize text content returned from the Google Places API.
- [SAFE]: The skill uses well-known tools (
uv,fastapi,httpx) and interacts with trusted Google services. API key management follows common local development practices.
Audit Metadata