geo-visualizer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill processes untrusted CSV and GeoJSON data to populate map markers and popups. This creates a potential surface for stored XSS or indirect injection if the processed data is malicious, though this is expected behavior for a mapping utility. 1. Ingestion points: from_csv and from_geojson in SKILL.md. 2. Boundary markers: None present. 3. Capability inventory: File writing via the save method. 4. Sanitization: Relies on the underlying folium library's internal handling.
Audit Metadata