map
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Analysis of the source code shows no signs of malicious intent or unauthorized data access. The skill correctly uses configuration files for API keys and performs input validation for coordinates. All network requests are directed to well-known and trusted Amap API endpoints.
- [PROMPT_INJECTION]: The skill accepts user-provided search keywords and locations which are then interpolated into API requests. This constitutes an indirect prompt injection surface where a malicious API response could potentially influence agent behavior. Ingestion points: map.py CLI arguments; Boundary markers: Absent; Capability inventory: Network access via the requests library in map_manager.py; Sanitization: Input coordinate validation via regex and automatic URL parameter encoding provided by the requests library.
Audit Metadata