territory-mapper

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill depends on established and reputable libraries (folium, geopandas, pandas, and shapely) from official package registries.
  • [DATA_EXFILTRATION] (SAFE): No evidence of network communication, credential access, or sensitive file exposure was found. The script operates entirely on local data.
  • [COMMAND_EXECUTION] (SAFE): The code does not use subprocesses, shell commands, or dynamic execution functions like eval or exec.
  • [PROMPT_INJECTION] (LOW): Detected an Indirect Prompt Injection surface (Category 8).
      1. Ingestion points: The load_geojson method in scripts/territory_mapper.py reads data from external files.
      2. Boundary markers: Absent; the script does not include delimiters or instructions to ignore embedded commands within the ingested data.
      3. Capability inventory: The skill has the capability to read local files (geopandas.read_file) and write files to the disk (self.map.save).
      4. Sanitization: Absent; the add_territory method directly interpolates keys and values from the input data into an HTML string for map popups, which could allow malicious HTML content in a GeoJSON to be rendered in the output visualization.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:03 PM