kml-geojson-converter

Pass

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: LOW (PROMPT_INJECTION)
Full Analysis
  • Indirect Prompt Injection (LOW): The skill possesses an attack surface for indirect prompt injection via the ingestion of untrusted spatial data.
      • Ingestion points: The script scripts/kml_geojson_converter.py reads external files using geopandas.read_file().
      • Boundary markers: No boundary markers or instruction-guarding delimiters are used when processing external data.
      • Capability inventory: The skill has permissions for local file system read and write operations via geopandas and os.makedirs.
      • Sanitization: No explicit sanitization of geographic metadata (e.g., KML description tags) is performed; the skill relies entirely on the underlying parser.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 15, 2026, 11:28 PM